Simple Membership Plugin › Forums › Simple Membership Plugin › Login/Out Anomaly
Tagged: Immediate logout on login
- This topic has 21 replies, 5 voices, and was last updated 6 years, 4 months ago by mbrsolution.
-
AuthorPosts
-
March 3, 2017 at 4:09 pm #10347bobgarrettParticipant
We have a problem where users sometimes have difficulty accessing protected pages.
When visiting a page they are told they are not logged in, yet they are because some pages protected not by SMP are accessible and the login/logout page only offers the logout option.
I am now suspecting that there is a cookie difference in expiry date between what Simple Membership Plug stores and the expiry date of the WordPress cookie for someone logged in. Or possibly that the SMP cookie does not exist, it having expired, while the WP cookie is still present. Logging out and back in does not always seem to fix the problem which further complicates it.
Is that possible? How might we fix it?March 4, 2017 at 5:08 am #10353mbrsolutionModeratorHi, are your members login via Simple Membership or via WordPress Login?
March 4, 2017 at 7:09 am #10357bobgarrettParticipantGenerally they are logging in via the login on in another plugin WPSymposium Pro though they assure me this only uses the standard WP login.
Strangely, my investigation of this problem which is difficult because the problem only arises ocassionally, at one stage suggested some relationship to the use of WP Login as one user had the problem immediately after using this from resetting a password.
However, this problem has arisen once for me:
I was logged in one evening with no problem, the next morning I appeared to be logged in with Admin rights but could not view protected pages. Logging in with a different browser worked as did logging out and then back in resolved the problem. This suggested use of the WP Login was not involved but login and out was via the SP Symposium Pro login – but said they assure me it just uses standard WP Login.March 4, 2017 at 9:43 am #10358mbrsolutionModeratorHi, that to me looks more like a conflict with SP Symposium Pro login. Your members should only be login in through Simple Membership plugin. Can you enable Debug mode and next time someone reports an issue and you check the log files.
Thank you
March 5, 2017 at 6:58 am #10367bobgarrettParticipantI will do that but does that mean that using the standard wp-login.php method can cause this problem?
I did suspect it as one user had the problem immediately after they responded to a system message and used it to change their password and then log in.March 6, 2017 at 4:35 am #10373mbrsolutionModeratorI am not sure if that is what is causing the problem. However if you use Simple Membership plugin to manage all your members you will not have any issues.
March 6, 2017 at 9:11 am #10377bobgarrettParticipantThanks for your ongoing response.
Yesterday I changed the login process to use your plugins process. All appeared to be well.
This morning I had the problem!
When I visited the site and visited a protected page it told me I needed to be logged in. I went to the login page and it told me I was logged in!
I logged out and logged in again and then I had access.I will now turn debug mode and see when someone has the problem again.
March 6, 2017 at 9:13 am #10378bobgarrettParticipantI have just noted that WordPress do not recommend debug mode on live sites so will not do this.
Any other suggestions?March 6, 2017 at 9:27 am #10379mbrsolutionModeratorHi, you can use the plugins Debug mode. It creates a log file for you to peruse. Please enable Debug mode in the plugin and check next time someone reports the issue.
Do you have a cache plugin? If you do have a cache plugin have you excluded the login, registration pages from being cached?
March 7, 2017 at 3:34 pm #10393bobgarrettParticipantThanks for continuing support on this problem.
Having changed to using the Simple Membership Plugin login I have noted different problems.Firstly, prior to doing this, if I did not log out then returned the next day I would still be logged in with full rights including Admin (ie the admin bar would be at the top). Since changing the login method I find when I return that the admin bar is not there. If I go to the login page it tells me I am logged in. If I log out and then log in again then it appears.
Similarly, if I return the next day (having not logged out) then most protected pages are visible but not the Forum page of WP Symposium Pro. Again if I log out and then log in again then it appears.
Checking the debug file shows no problems.
So there is something now timing out at some time after the end of a session, but not immediately, which results in a returning user not having access to the forum and Administrators not seeing the admin bar despite seemingly still being logged in. Neither problem existed when using the Symposium Pro login method though it did seemingly at random prevent access to protected pages.
We have no cache plugin.
Any suggestions?
March 7, 2017 at 8:14 pm #10394mbrsolutionModeratorHi, this could be related to the browser cache or a server session. Check the server log files. However in my humble opinion you should really log out after a session. Someone a while back also had a similar problem and the solution is to log out after a session.
Kind regards
March 18, 2017 at 8:16 am #10520bobgarrettParticipantBut how do you insist that all log out at the end of a session? I have now tried plugin which logs you out after inactivity but this also fails to solve the problem as it only logs you out if you are online but inactive.
March 18, 2017 at 11:20 pm #10522mbrsolutionModeratorHi, the following was quoted by one of the developers.
It is out intention to keep the login active for longer period. Majority of the users hate having to log in again and again.
So if you are doing a project where you want to force logout users automatically and stuff, you will need to look for an alternative plugin as we can’t go down that route.
Solution 2: Add a message for your members to read when they log in.
The message could say something like
“Remember to log out after you have completed a session. If not the plugin will keep you logged in even if you have closed the browser. This might lead to other issues with other plugins. In that case the best solution is to clear the browser cache and then log back in.”
Let me know if you need more information.
Thank you
March 20, 2017 at 5:22 pm #10528bobgarrettParticipantCan you identify how/when a user who logged in with this plugin is deemed as logged out? When browser session closes? After a time period of X? After a time period of Y if they ticked “remember me”?
ThanksMarch 21, 2017 at 12:12 am #10530mbrsolutionModeratorHi, the plugin developer will reply to your question.
Thank you
-
AuthorPosts
- You must be logged in to reply to this topic.