Website keeps logging out

denkstream · May 13, 2019, 8:58am

Hello Kirby community,

we’ve got an kirby powered website with around 80 users. All the content is hidden for public and accessible only to those users.

Everyone can login into it and access the website, but we’ve noticed that users keep beeing logged out unregulary, I even addet this to config file:

c::set('panel.session.timeout', 600);
c::set('panel.session.lifetime', 600);

But it doesn’t help unfortunately. Are there some other solutions to this?

texnixe · May 13, 2019, 9:06am

You could try and use a custom session fingerprint, check out this thread for suggestions: Get a longer timeout in the panel

denkstream · May 13, 2019, 9:42am

Hello @texnixe (again )

should I paste this into config?:
public static function fingerprint() {

// custom fingerprint callback
if(is_callable(static::$fingerprint)) {
  return call(static::$fingerprint);
} 

if(!r::cli()) {
  return sha1(Visitor::ua() . (ip2long($_SERVER['REMOTE_ADDR']) & ip2long('255.255.0.0')));      
} else {
  return '';
}

}

texnixe · May 13, 2019, 9:44am

The fingerprint stuff goes into the config, but not the method, just the fingerprint. I only posted the method for reference what is happening there.

denkstream · May 13, 2019, 9:46am

Sorry I’m being stupid about this, I’m trying to understand it

The fingerprint stuff is this I supose?

 return sha1(Visitor::ua() . (ip2long($_SERVER['REMOTE_ADDR']) & ip2long('255.255.0.0')));

so the config should be like something like this?

c::set('panel.session.timeout', 600);
c::set('panel.session.lifetime', 600);
return sha1(Visitor::ua() . (ip2long($_SERVER['REMOTE_ADDR']) & ip2long('255.255.0.0')));

texnixe · May 13, 2019, 9:46am

No like this:

Make sure to use something unique

denkstream · May 13, 2019, 9:50am

Thanks, I’ve implemented it this way

c::set('panel.session.timeout', 600);
c::set('panel.session.lifetime', 600);
s::$fingerprint = function() {
  return '_fingerprint';

Now I’m gonna watch it if it works

texnixe · May 13, 2019, 9:53am

You can use that hardcoded string for testing. But as I said, use something that is unique for each user in your final version.

denkstream · May 13, 2019, 9:54am

something like this from @francoisromain would be enough?

 s::$fingerprint = function() {
  return $user_name . '-fingerprint';
};

texnixe · May 13, 2019, 9:58am

I’d probably encode it somehow, eg

 s::$fingerprint = function() {
  return sha1($user_name . '-fingerprint');
};

denkstream · May 13, 2019, 10:08am

Thanks!

denkstream · May 14, 2019, 10:07am

Just a small Feedback - it seems to work fine

Topic		Replies	Views
Panel keep login out Questions v2	11	1846	February 6, 2025
Get a longer timeout in the panel Questions v2	7	1976	February 6, 2025
Forced Panel Logout on Media Temple Questions v2	8	1253	February 6, 2025
Using fingerprint to keep front-end users logged in Questions v3	3	557	July 4, 2020
Problem session timeout Questions v2	7	909	February 6, 2025

Website keeps logging out

Related topics