Page MenuHomePhabricator
Create Task
Maniphest T224382

Investigate why tools do not stay logged in for the duration of the session cookie
Open, HighPublic
Actions

Description

Reported at T224358 for Tool-global-search, but we see the same issue with XTools and our other projects that use the mediawiki/oauthclient library. I'm not certain if mediawiki/oauthclient actually has anything to do with it, but that seems to be the commonality among these tools.

The cookie is set to expire an entire year after login, but it seems users get logged out within as little as half an hour.

Related Objects

Event Timeline

MusikAnimal created this task.May 26 2019, 11:04 PM
MusikAnimal updated the task description. (Show Details)
MusikAnimal mentioned this in T224358: 20c of thoughts for globalsearch tool.May 26 2019, 11:14 PM
MusikAnimal moved this task from Backlog to General / other on the XTools board.Jun 10 2019, 5:32 AM
Krinkle subscribed.Mar 31 2020, 5:49 PM

I can confirm that when using it throughout the day to find and keep track of my progress fixing deprecated JS stuff on-wiki, that it feels like I can never get it to stay logged in for more than 30 minutes or an hour at a time.

Almost every time I revisit one of the tabs to renew or tune the search query, I have to go through the OAuth cycle again.

Billinghurst awarded a token.Apr 1 2020, 9:00 PM
MusikAnimal mentioned this in T135046: Allowlist Cloud VPS instances that need XFF header passed through the web proxy.Apr 14 2020, 5:44 PM
MusikAnimal mentioned this in rXT4f15e8279fd8: Persist login sessions for 1 week.Dec 13 2020, 10:52 PM
MusikAnimal mentioned this in rXTf35b95832857: Persist login sessions for 1 week.Dec 15 2020, 9:16 PM
CptViraj subscribed.Dec 20 2020, 6:30 AM
dmaza subscribed.Jan 20 2021, 12:13 AM
Samwilson subscribed.Jan 20 2021, 12:15 AM
Krinkle unsubscribed.Jan 20 2021, 3:15 AM
MusikAnimal triaged this task as High priority.Mar 4 2021, 5:38 AM
MusikAnimal mentioned this in T276885: Sessions are not shared between the main app server and the API server.Mar 9 2021, 8:14 PM
MusikAnimal added subscribers: Krinkle, Billinghurst.Mar 30 2021, 2:43 PM

@Krinkle @Billinghurst I think I may have fixed this for Global Search. I've been logged in now for 15+ hours, which is a new record for me. Can either of you confirm you're also seeing longer login sessions?

The same fix did not appear to work for XTools. Investigation is ongoing.

Billinghurst added a comment.Apr 3 2021, 11:13 AM

@MusikAnimal <dancing> logged in for a couple of days now

Krinkle added a comment.Apr 3 2021, 8:57 PM

Me too. Looks good so far!

MusikAnimal removed a project: Tool-global-search.Apr 6 2021, 12:53 AM
MusikAnimal removed subscribers: Billinghurst, Krinkle.

Great! I am going to untag Tool-global-search and remove you two as subscribers, assuming you probably don't want to bothered about noise with us debugging XTools.

@Samwilson FYI this is what I did, which will probably work for any other Toolforge-based Symfony app: https://github.com/MusikAnimal/global-search/commit/12086c28a70e92ec86bf5ab6416466ffbf7a6964. The issue I believe is Symfony by default falls back to php.ini, which on Toolforge has sessions live for a mere 24 minutes. The same trick didn't work for XTools.

MusikAnimal mentioned this in rXT3232d0414b32: config: force use of native session handler.Apr 26 2021, 3:53 AM
MusikAnimal moved this task from General / other to Maintenance / tech debt on the XTools board.Aug 12 2023, 3:17 AM
JJMC89 mentioned this in T362456: CopyPatrol login session length too short.Apr 12 2024, 10:32 PM
JWheeler-WMF added a project: Community-Tech.Apr 18 2024, 5:42 PM
JWheeler-WMF moved this task from New & TBD Tickets to On deck (June 25-July 5) on the Community-Tech board.
MusikAnimal added a project: CopyPatrol.Apr 28 2024, 4:23 AM
MusikAnimal moved this task from Backlog to Front end on the CopyPatrol board.
Diannaa subscribed.Apr 28 2024, 1:14 PM
L3X1 subscribed.May 14 2024, 4:59 PM
JWheeler-WMF moved this task from On deck (June 25-July 5) to Maintenance Backlog on the Community-Tech board.Fri, May 31, 6:58 PM
MusikAnimal mentioned this in T367597: Login to X-Tools German Wikipedia.Wed, Jun 26, 9:51 PM
MusikAnimal merged a task: T367597: Login to X-Tools German Wikipedia.
MusikAnimal added a subscriber: Melly42.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits