Login redirects to Login immediately, then throws invalid CSRF error, occasionally works

I’ve just put up a new Kirby site on DigitalOcean, and while everything on the user side is working as expected, when trying to log in to the panel, every time I click Login, the page immediately refreshes and I’m not logged in. When I try to log in the second time, I’m met with an ‘Invalid CSRF Token’ response. I’ve tried the solutions outlined in other topics similar to this, but this seems a bit different, as I’m getting a 200 response on the first attempt, and only getting the CSRF failure on the second attempt.

I’ve tried clearing cache + cookies, and tried several different browsers, and get the same error in each.

Edit: As well, even more bizarrely, occasionally I’m able to log in successfully, and stay logged in for about 10 seconds before I’m immediately logged out again.

What sort of environment are you using on DigitalOcean?

What’s your Kirby version?

Also, do you get any errors in the browser console? What about requests/responses in network tab?

Do you have any server-side caching in place, Varnish, for example?

I’m using Heroku-PHP-Apache2
My Kirby version is 3.9.8, PHP Version 8.2.11
No errors in the browser console. Here’s the request/response from a successful api/auth/login POST request. This succeeds, but then I’m immediately redirected to the login page, with different cookie values.


Heroku doesn’t have persistent storage, so this will not work. (Unless you store everything that needs to be persisted in a database and use it as virtual pages, users, etc.)