starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-02-05 00:29:40 +03:00
Code Issues 32 Packages Projects Releases 10 Wiki Activity

Locked Vaults will Redirect to the sign in page even with the correct password after a long time. #175

New Issue
Closed
opened 2026-02-04 18:14:01 +03:00 by OVERLORD · 16 comments
OVERLORD commented 2026-02-04 18:14:01 +03:00
Owner
Copy Link

Originally created by @Ryonez on GitHub (Jan 5, 2019).

I use the web page to access the vault a lot, and find that when enough time has passed, entering my password into the locked vault page does nothing but redirect me to the login page. This is annoying as it has been happening often enough. I gave it the password, and it asks for it yet again.

Is there a way to fix this? My workaround at the moment has been to click "Log Out" form the log screen, but even that pops up a confirmation window.

Originally created by @Ryonez on GitHub (Jan 5, 2019). I use the web page to access the vault a lot, and find that when enough time has passed, entering my password into the locked vault page does nothing but redirect me to the login page. This is annoying as it has been happening often enough. I gave it the password, and it asks for it yet again. Is there a way to fix this? My workaround at the moment has been to click "Log Out" form the log screen, but even that pops up a confirmation window.
OVERLORD added the bug label 2026-02-04 18:14:01 +03:00
OVERLORD commented 2026-02-04 18:14:13 +03:00
Author
Owner
Copy Link

@dani-garcia commented on GitHub (Jan 5, 2019):

I'm not sure why this would be happening, do you get anything in the logs when you try to unlock and it redirects you?

@dani-garcia commented on GitHub (Jan 5, 2019): I'm not sure why this would be happening, do you get anything in the logs when you try to unlock and it redirects you?
OVERLORD commented 2026-02-04 18:14:17 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Jan 5, 2019):

I had this as well, unfortunately I didn't have access to logs at the time. I'll try to reproduce this later on, I think you just need to leave the Vault open for a while.

@mprasil commented on GitHub (Jan 5, 2019): I had this as well, unfortunately I didn't have access to logs at the time. I'll try to reproduce this later on, I think you just need to leave the Vault open for a while.
OVERLORD commented 2026-02-04 18:14:26 +03:00
Author
Owner
Copy Link

@Ryonez commented on GitHub (Jan 5, 2019):

I just restarted the server. But I can get the logs in a while, I enabled them yesterday when I went over my bitwarden_rs settings.

But there is like a timer to it. If it hasn't been to long, then you can unlock it fine. But once you hit that timer, you have to log in.

@Ryonez commented on GitHub (Jan 5, 2019): I just restarted the server. But I can get the logs in a while, I enabled them yesterday when I went over my bitwarden_rs settings. But there is like a timer to it. If it hasn't been to long, then you can unlock it fine. But once you hit that timer, you have to log in.
OVERLORD commented 2026-02-04 18:14:28 +03:00
Author
Owner
Copy Link

@dani-garcia commented on GitHub (Jan 5, 2019):

The authentication tokens we send expire after an hour, but the client has a refresh token that should not expire. It may be related to that.

@dani-garcia commented on GitHub (Jan 5, 2019): The authentication tokens we send expire after an hour, but the client has a refresh token that should not expire. It may be related to that.
OVERLORD commented 2026-02-04 18:14:37 +03:00
Author
Owner
Copy Link

@Ryonez commented on GitHub (Jan 6, 2019):

Hmm, it seems to be working now. I locked it before bed, and it let me back on without issue this morning.

I'll try again, maybe it was fixed in version 2.8? I can't find any issue for it logged there though.

I'll keep an eye out a little longer and see it does occur again.

@Ryonez commented on GitHub (Jan 6, 2019): Hmm, it seems to be working now. I locked it before bed, and it let me back on without issue this morning. I'll try again, maybe it was fixed in version 2.8? I can't find any issue for it logged there though. I'll keep an eye out a little longer and see it does occur again.
OVERLORD commented 2026-02-04 18:14:40 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Jan 6, 2019):

Yeah, can confirm. Left Vault locked for almost full day and it unlocks fine. I'm going to close it as it appears fixed, but feel free to re-open if you spot the issue again.

@mprasil commented on GitHub (Jan 6, 2019): Yeah, can confirm. Left Vault locked for almost full day and it unlocks fine. I'm going to close it as it appears fixed, but feel free to re-open if you spot the issue again.
OVERLORD commented 2026-02-04 18:14:50 +03:00
Author
Owner
Copy Link

@Ryonez commented on GitHub (Jan 7, 2019):

Gotcha, thank you.

@Ryonez commented on GitHub (Jan 7, 2019): Gotcha, thank you.
OVERLORD commented 2026-02-04 18:14:54 +03:00
Author
Owner
Copy Link

@Ryonez commented on GitHub (Jan 8, 2019):

I'm unable to reopen this myself, but I've got it happening again

image

Sorry for the picture, but mc wasn't letting me copy the text out.

@mprasil

@Ryonez commented on GitHub (Jan 8, 2019): I'm unable to reopen this myself, but I've got it happening again ![image](https://user-images.githubusercontent.com/16157130/50812850-343e9d00-1379-11e9-92c9-859173fc4ce8.png) Sorry for the picture, but mc wasn't letting me copy the text out. @mprasil
OVERLORD commented 2026-02-04 18:14:57 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Jan 8, 2019):

Hmmm.. "Invalid refresh token" seems to be the cause. I see There are two calls to /identity/connect/token, I wonder if that's just coincidence or actual cause of the problem..

@mprasil commented on GitHub (Jan 8, 2019): Hmmm.. "Invalid refresh token" seems to be the cause. I see There are two calls to `/identity/connect/token`, I wonder if that's just coincidence or actual cause of the problem..
OVERLORD commented 2026-02-04 18:14:59 +03:00
Author
Owner
Copy Link

@Ryonez commented on GitHub (Jan 8, 2019):

Maybe?

On my end, I attempted to unlock. It failed, so I was taken back to log in normally.

It feels a bit weird that it did this for so long, then worked for two days when I opened the issue, and showed back up after it was closed.

@Ryonez commented on GitHub (Jan 8, 2019): Maybe? On my end, I attempted to unlock. It failed, so I was taken back to log in normally. It feels a bit weird that it did this for so long, then worked for two days when I opened the issue, and showed back up after it was closed.
OVERLORD commented 2026-02-04 18:15:07 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Jan 8, 2019):

To me it appears that it happens randomly enough to not happen for a few days. I'll give it another try with latest image update and see if I can reproduce it.

@mprasil commented on GitHub (Jan 8, 2019): To me it appears that it happens randomly enough to not happen for a few days. I'll give it another try with latest image update and see if I can reproduce it.
OVERLORD commented 2026-02-04 18:15:10 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Jan 8, 2019):

@Ryonez do you use websockets sync in your setup?

@mprasil commented on GitHub (Jan 8, 2019): @Ryonez do you use websockets sync in your setup?
OVERLORD commented 2026-02-04 18:15:16 +03:00
Author
Owner
Copy Link

@Ryonez commented on GitHub (Jan 8, 2019):

Not that I'm aware of specifically.

I use the linuxserver/letsencrypt docker and proxy pass to the ip. I don't know how to do websocket stuff, though I do need to look into it sometime for something else.

@Ryonez commented on GitHub (Jan 8, 2019): Not that I'm aware of specifically. I use the linuxserver/letsencrypt docker and proxy pass to the ip. I don't know how to do websocket stuff, though I do need to look into it sometime for something else.
OVERLORD commented 2026-02-04 18:15:22 +03:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Jan 31, 2019):

Is this still an issue? i know some anti virus tools like to mess with some requests, websockets and normal. i have never run in to this, but I'm using Firefox on Linux without an AV.

@BlackDex commented on GitHub (Jan 31, 2019): Is this still an issue? i know some anti virus tools like to mess with some requests, websockets and normal. i have never run in to this, but I'm using Firefox on Linux without an AV.
OVERLORD commented 2026-02-04 18:15:29 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Feb 1, 2019):

I've ran into this some time ago also on Linux/Firefox combo. But haven't encountered the issue lately.

@mprasil commented on GitHub (Feb 1, 2019): I've ran into this some time ago also on Linux/Firefox combo. But haven't encountered the issue lately.
OVERLORD commented 2026-02-04 18:15:47 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Nov 11, 2019):

I haven't encountered this in a long time, so hopefully it's resolved. Feel free to reopen if you can still reproduce this problem.

@mprasil commented on GitHub (Nov 11, 2019): I haven't encountered this in a long time, so hopefully it's resolved. Feel free to reopen if you can still reproduce this problem.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
troubleshooting
wontfix
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/vaultwarden#175
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?