Authentication breaks when client refreshes browser

jola · July 26, 2019, 6:51am

Hi

We’re experiencing a weird issue on our development & staging environment.
On our localhost, everything works fine, running via ng serve.

On our dev & staging environment, it also works, once. If the user hits refresh, or otherwise closes the tab and opens it again, it will not work.

We followed the implementation guide for SPA when setting up, and seems to have narrowed the issue down to this code:

if (!this.auth0Client) {
this.auth0Client = await createAuth0Client(this.config);
}

On our localhost deployment, this resolves almost instantly, while on other deployments, never resolves, and simply times out, if you have refreshed the page.

The odd thing in all of this, if you leave the page up for a minute or so, it works.
Also, if you clear all your cookies, it will also work again.
Until you refresh. I’ve come to assume the page works after a minute because the cookie expires.

I’m thinking it may be an issue with caching, but otherwise, I have no idea.

I’ve also noticed when you log in on our dev environment, there’s a cookie called a0.spajs.txs which disappears generally after you hit the callback, I think. On our local deployment that stays.
The auth0.is.authenticated cookie stays on both local and dev deployments.

mathiasconradt · July 26, 2019, 11:12am

and simply times out

Maybe related to this (Is “Allowed Web Origins” set properly?):

jola · July 26, 2019, 11:33am

Thanks for the reply.

The Allowed Web Origins seems to be set correct, except from a trailing slash.
There does not seem to be any errors in the log regarding this.
The thing I’m having the most issues comprehending is why it works at first, but fails on refresh

mathiasconradt · July 26, 2019, 11:40am

The Allowed Web Origins seems to be set correct, except from a trailing slash.

Can you try to add the exact URL in terms of slashes. It might make a difference, just to be sure that’s not the issue. (I would leave the rest up to the SDK team to answer.)

danhowitt · July 27, 2019, 2:01pm

I’m was getting the exact same issue.

I had to add two entries to the Allow Web Origins box, one with http prefix and one without.
http://localhost:8001, localhost:8001

3 hours of my day lost to that!

jola · July 27, 2019, 3:07pm

I’ll check up on this tomorrow, thank you.

jola · July 27, 2019, 3:08pm

Okay, interesting, I’ll look into this tomorrow. Thank you.

jola · July 29, 2019, 6:49am

So, removing the trailing slash did seem to resolve the issue. Thanks all for the assistance

konrad.sopala · July 29, 2019, 7:08am

Perfect! Glad you have it working!

system · August 13, 2019, 7:08am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
React with Auth0 SPA looses login after refresh Help auth0 , refresh	10	13560	September 8, 2020
Auth0Client Object Taking a Long Time to Initialize in Auth0-SPA-JS Knowledge Articles auth0 , javascript , spa , oauth2 , auth0-spa-js	1	7652	July 12, 2019
createAuth0Client takes ~700ms every browser reload Help	8	3073	March 12, 2020
Authentication is lost after page refresh even with custom domain Help auth0-angular , sdks-quickstarts	3	172	June 17, 2024
Authentication is lost after page refresh Help	4	8135	April 13, 2021

Authentication breaks when client refreshes browser

Related Topics