-
It can happen if the block or page with login form is cached, so token parameter isn't renewing, it can be if you enabled cache for this block or this page in Studio, or maybe you are using some caching settings in your webserver, or maybe you are using Cloudflare with caching enabled.
-
I just enabled memcached from studio settings, www.example.com/studio/settings.php and it works perfectly on all previous versions, except this version.
my default.conf :
server { listen 8080 default_server; server_name localhost; root /opt/una; client_max_body_size 2048M; ########################################################################### ## Client Timeout ## ########################################################################### ## request timed out -- default 60 # read timeout for the request body from client, its set for testing purpose client_body_timeout 3600; # how long to wait for the client to send a request header, its set for testing purpose client_header_timeout 3600; # server will close connection after this time keepalive_timeout 3600; ## if client stop responding, free up memory -- default 60 send_timeout 3600; ## Reset lingering timed out connections. Deflect DDoS. ## allow the server to close connection on non responding client, this will free up memory reset_timedout_connection on; ########################################################################### ## Proxy Timeout ## ########################################################################### proxy_connect_timeout 3600; proxy_send_timeout 3600; proxy_read_timeout 3600; ########################################################################### ## Location / ## ########################################################################### location / { index index.html index.htm index.php; rewrite "^/page/(.*)$" /page.php?i=$1 last; rewrite "^/m/(.*)$" /modules/index.php?r=$1 last; rewrite "^/s/([a-zA-Z0-9_]+)/([a-zA-Z0-9\.]+)" /storage.php?o=$1&f=$2 last; if (!-e $request_filename) { rewrite ^/(.+)$ /r.php?_q=$1 last; break; } # Block requests with suspicious patterns#if ($query_string ~* "(\%60|\%7C|\%26|\%24|\%3B|\%28|\%29)") {#return 403; #} } index index.php index.html index.htm; location ~ \.php$ { fastcgi_pass php:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; # Timeout fastcgi_connect_timeout 3500; fastcgi_send_timeout 3500; fastcgi_read_timeout 3500; # Buffers fastcgi_buffer_size 128k; fastcgi_buffers 8 256k; fastcgi_busy_buffers_size 512k; fastcgi_temp_file_write_size 512k; } ########################################################################### ## serve static files directly Tanks to Alex T https://una.io/u/alex-t ## ########################################################################### location ~* ^(/cache_public/|/plugins_public/|/modules/|/studio/|/template/).+\.(jpg|jpeg|gif|css|png|js|ico|svg|eot|ttf|woff|woff2|)$ { access_log off; expires 1h; # root /opt/una # add_header Cache-Control "public"; try_files $uri =404; } ########################################################################### ## deny access to hidden files ## ########################################################################### location ~ /(\.ht|\.git) { deny all; } ########################################################################### ## deny access to specific folders ## ########################################################################### location ~ ^/(cache/|storage/|logs/|plugins/|tmp/) { deny all; } ########################################################################### ## Memcached Integration ## ########################################################################### location /memcached { # Example using just the URI as the key # set $memcached_key $uri; # Set the Memcached key with the prefix # set $memcached_key "${key_prefix}${uri}${is_args}${args}"; # Example with query parameters included#set $memcached_key $uri$is_args$args; # Example with a custom key # set $memcached_key "key-$uri-$arg_user_id"; set $key_prefix "site1_"; set $memcached_key "${key_prefix}${uri}${is_args}${args}"; # Pass the key to the Memcached server memcached_pass dragonflydb_cluster; # Define the response type default_type application/json; # Handle errors error_page 404 = /memcached_not_found; } location = /memcached_not_found { return 404 "{\"error\": \"Not found in Memcached\"}"; } }my mecached.conf
upstream dragonflydb_cluster { server 127.0.0.1:11211; server 127.0.0.1:11212; server 127.0.0.1:11213; }And indeed I have a cache for requests in front of the site, It's still experimental but it speeds up my website
my reverse proxy: https://github.com/kabballa/una-reverse-proxy
-
And indeed I have a cache for requests in front of the site, It's still experimental but it speeds up my website
my reverse proxy: https://github.com/kabballa/una-reverse-proxy
Please try to disable this, to see if this cause the issue.
-
We cannot disable the reverse proxy, because it serves multiple sites, it accelerates them and automatically manages digital certificates, but we will disable any manual manipulation of the
Set-Cookieheaders in our Caddy configuration:# Removed: # Set-Cookie "SameSite=None; Secure; HttpOnly; Path=/"From now on, all cookie handling will be managed entirely by the PHP backend, and the reverse proxy will simply forward the headers as-is.
We’ve tested this setup with UNA 14.0.0-RC5 and the Google Connect login flow and it appears to be working correctly now.
Thanks @Alex T⚜️ for the update and for pointing us in the right direction!
https://github.com/kabballa/una-reverse-proxy/commit/c8f5f0507cecf50ea267e3728c718bf9e82c70eb
-
Comment to 'Login form and Google Connect after upgrade to 14.0.0-RC4 TO 14.0.0-RC5'
