-
Notifications
You must be signed in to change notification settings - Fork 10.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rocket.Chat Android apps are forcefully logged out after making CSS changes #28444
Comments
I confirm this issue in Rocket Chat 5.x and it happens in the iOS app too. |
Ooopsi. This is doesn't seem like a React App issue, sorry! Moving it back to main repo :) |
In fact, this problem occurs when you need to enter TOTP code when your making changes in Settings. After that, there is a logout from all other devices. |
Can confirm this. Still happens on 6.5.0 |
@sampaiodiego please review this issue, because it is very intrusive and brings a lot of inconvenience. I mentioned you because I don't know who can tackle this problem from Rocket team. |
I've no longer received reports of other (non-admin) users being logged out. Can someone confirm that any users other than yourself are being logged after making changes to CSS (or as @bulkinav mentioned, when doing any change in Settings that requires a TOTP verification)? Actually, I might have to rename this issue and alter its entire description if it's the same code throughout Settings which is causing the logout. |
alright, this is very weird but I've confirmed it definitely happens.. just to confirm, are you guys using 2FA via email or TOTP? |
@sampaiodiego happens to me without 2FA. I change some admin setting, have to enter my password to confirm and get logged out afterward on the Android app and other web browser sessions. I'm not immediately logged out of the current web session though. |
Same here, it's just asking for the user password. |
alright, I've found the issue.. it goes back to version 5.4.3 .. I'm still trying to understand the reasoning behind the change that introduced the issue.. I'll get back when have something else to share |
JFYI the fix has been published in 6.5.3 release |
Just to confirm that this is normal, after updating the docker version of Rocket.Chat, the web ui will no longer force-reload. Is this intended behavior? |
@chotaire there is a random delay now.. this was done to help hammering the backend with all clients reloading at the same time.. |
Thanks to the team for addressing all this. |
To my knowledge, this was already introduced some time ago in #30858. |
Description:
In Rocket.Chat 6.0.0, when making any change under Workspace -> Settings -> Layout -> Custom CSS, it seems that all users are logged out of their Rocket.Chat Android app sessions when they open the app thereafter.
Steps to reproduce:
Expected behavior:
Phone app users shouldn't be logged out, as CSS changes do not have any effect on the phone app at all. Instead, web browser sessions should be forcefully hard-reloaded, the same way it happens when updating Rocket.Chat (dockerized) to a newer version.
Actual behavior:
Phone app users are logged out after every change made to CSS. If a user is using multiple phones, they'll all be logged out. I did not receive any similar reports from iOS users.
Server Setup Information:
Client Setup Information
The text was updated successfully, but these errors were encountered: