How can I save my session in next Js using auth0. Every time I refresh the page the session is lost
I only configure auth0 to do Login and Logout, I can get the user information but once I refresh the page it is lost
Related
In a spring security application i am navigating to the login page and entering my credentials and getting logged in.Now again if i open a new tab in the same browser and navigate to the login url it shows me the login page.If I enter another users credentials and login my previous Jsession ID(ie: the one created in the previous tab) is getting overridden with the new jsession id.Upon refreshing the previous tab the session is overridden.
I want to implement that if a user is logged in already in the application, upon navigating to the url again in another tab on the same browser the homepage of the application should open.
Please advise as how I can accomplish that?
Since the server uses the cookie to map to the current session, you'd have to control how the browser sends cookies. Every time a request is sent to a website from a new tab, most browsers will send all the cookies it has for that domain. Since your server received the same session cookie, it will treat this request as being in the same session. There's no way it can tell the difference.
Therefore, as far as cookie-based web sessions go at least, you probably won't be able to force the creation of a new session upon opening a new tab.
I am using Laravel 5.7. For security reasons, I set my laravel application to automatically logout after one hour inactivity. But I want the user log back in the same page before they got kicked out by the system. I try to use Session, but it only store previous url which is the login page url. How can I retrieve that URL before user got automatically logout?
All you need to do is put this in your logout function.
session(['returnUrl' => url()->previous()]);
And then on login function, redirect user to session('returnUrl') and delete session data with session()->forget('returnUrl')
Use this in your login controller
url()->previous()
DWR is using DWRSessionID token for CSRF protection and it is not changing for each user session means logout from application is not changing the DWRSessionID and we will see same DWRSessionID by logging again without closing the browser.
This could be an issue (CSRF) if somebody steal the DWRSessionID and trying to send the links via email it will process the link if user is logged in again tinto the application as DWR is using the same DWRSessionID per browser instance instead of user session.
Is the above really an issue for CSRF or it is ok to have same DWRSessionID per browser instance instead of per user session.
I am using custom renderer for WebView to send headers in request in my PCL project. I am sending session token and i dont need to type password and login name. Thing is when I start to navigate in webview it throws me to the login page and makes me login. When I login normaly it saves session.
My question is how can I save session when I accesse the page using session token?
I'm using laravel Auth. When I login into my website all works great. When I try to refresh or go to another page (still using Auth middleware) my session is expired, I'm directly logged-out and I must login again. How can I fix this so I remain logged in when refreshing the page or browsing to another?