I'm using AWS EC2 instance with Apache2, my config.json looks like below
{
"url": "https://app.mysite.com:4567",
"secret": "b75e7387-3d2a-487b-8b14-2c2c0c01c6fe",
"database": "mongo",
"mongo": {
"host": "127.0.0.1",
"port": "27017",
"username": "careerwaze",
"password": "careerwaze",
"database": "forums"
}
}
When i'm running with this configuration using "https://", getting "Login Unsuccessful We were unable to log you in, likely due to an expired session. Please try again" ie. invalid-csrf-token error. Here no of sessions are creating for one login.
26/7 09:31 [26144] - error: /login
invalid csrf token
When accessing with the below config.json i.e with "http://"
{
"url": "http://app.mysite.com:4567",
"secret": "b75e7387-3d2a-487b-8b14-2c2c0c01c6fe",
"database": "mongo",
"mongo": {
"host": "127.0.0.1",
"port": "27017",
"username": "careerwaze",
"password": "careerwaze",
"database": "forums"
}
}
Its logging correctly only one session object is creating. When logout the application it logging out successfully.
But when i'm using session sharing plugin to login from other application using "JWT" its logging in correctly, but when trying to logout its not working. Here session is deleting but immediately when i'm clicking refresh it again showing the same user.
I have tried all the possible combination while setting the cookie domain in session sharing plugin.
.mysite.com
*.mysite.com
mysite.com
app.mysite.com
Any help @julian @baris