Issues with new Login System - Add them here
Discussion
Krikkit said:
Sorry, am I reading this right? We're going to have to log back in to the forums (or at least have our sessions expire then have to pass through a login page to refresh a cookie) every 60 mins?
Did someone actually think about that? If I log in to a forum I don't want to keep having my user views and preferences ignored until I click login again. That's absolutely crazy, why don't the classifieds do this and not the forums?
Surely it would make more sense to have to re-enter credentials (or rather refresh a cookie) for the classifieds (which are the important bit after all)?
No, you are not reading that correctly.Did someone actually think about that? If I log in to a forum I don't want to keep having my user views and preferences ignored until I click login again. That's absolutely crazy, why don't the classifieds do this and not the forums?
Surely it would make more sense to have to re-enter credentials (or rather refresh a cookie) for the classifieds (which are the important bit after all)?
The system will automatically renew your cookie if you go to a page that requires you to be authorised to see it, thus you shouldn't even know it happens. So if you go to My Stuff, Post a Reply, My Preferences - then it will renew the cookie. If you go to another part of the site and come back 60 minutes later, going to My Stuff will automatically log you back in to the forums.
The length of time this cookie is set is too short, thus we need to extend it, which will be a new release (tomorrow hopefully).
Nicola-z814y said:
My user name was on the list for correcting (Nicol@), but I was emailed another new variation log in.
Is it bye-bye old name?
Sorry, if you login using your email address on Nicol@ then you can get to that profile. Is it bye-bye old name?
We have some special characters not allowed in the new system and thus we have had to manually port you prior to fixing.
Back up and back in at work... Will work through these comments this morning.
We have fixed the slow input in the forum post box now.
The login issue where you click login and you are back connected without adding anything is not a security issue, you are logged into PistonHeads - Forums is an application that gets a lease of 60 minutes for that login from the central system, so at the moment after 60 minutes it needs to go and get that again. Clicking on login is one of the processes that will get that (along with writing a post or hitting My Stuff).
We are looking at making this much better today and get a fix out.
We have fixed the slow input in the forum post box now.
The login issue where you click login and you are back connected without adding anything is not a security issue, you are logged into PistonHeads - Forums is an application that gets a lease of 60 minutes for that login from the central system, so at the moment after 60 minutes it needs to go and get that again. Clicking on login is one of the processes that will get that (along with writing a post or hitting My Stuff).
We are looking at making this much better today and get a fix out.
-Pete- said:
Maybe off topic, but how do I change my email address?
As all accounts are combined we do not allow the change of email address at the moment, this is a result of phishing sites capturing user details and then people having their email addresses changed (cars drop to cheap prices) and scammers then getting a way in to try out various scams.If you need it changing then please email us, or PM me directly and I will do it.
TankRizzo said:
There's definitely something very skewy going on with the cookie expiry, it can time me out after less than 15 minutes sometimes.
Are you using sliding expiration on your cookies?
Yes, but it will only slide if the cookie needs to be reauthenticated - reading the forums does not require that process at the moment and only when you hit My Stuff or Post a reply does it slide. This is one thing that needs addressing.Are you using sliding expiration on your cookies?
sebhaque said:
Just in case my last post didn't make it through - I logged in at work on one machine today - I logged in on it yesterday and it's always remembered me, just thought it was an anomaly this morning. I then logged in on a separate work machine, browsed a topic or two, went for a smoke and noticed I'd been logged out of my phone, but again didn't think anything of it.
I've had to log in two or three times in the past hour or two on this machine, which I had to log in on when I got home from work this afternoon. The last time was about 5 minutes ago when I lost a post I was writing, and going back on Firefox just lead me to a blank post screen. Rather annoying as the last thing I want to do at 12:20am on a worknight is log in again just to have a moan, rather than post something helpful for another PHer, sadly which he won't be receiving tonight.
A new device will require a new login since we updated the system. Clicking the login button on the forums is different to actually entering your username/email and password again. The cookie is expiring and needing to re-authenticate... but this is something we are looking at right now to get a fix out shortly.I've had to log in two or three times in the past hour or two on this machine, which I had to log in on when I got home from work this afternoon. The last time was about 5 minutes ago when I lost a post I was writing, and going back on Firefox just lead me to a blank post screen. Rather annoying as the last thing I want to do at 12:20am on a worknight is log in again just to have a moan, rather than post something helpful for another PHer, sadly which he won't be receiving tonight.
eharding said:
I know.
It's as if we've managed to combine the annoying parts of prudent security, and the hideous WTF? risks of laissez-faire but but beguilingly convenient transparent access, and then performed a magical process of distillation which removes both the 'prudent security' and 'convenient transparent access' parts, leaving a highly-refined distillate of 'annoying' and 'WTF?'.
Never mind. I'm sure the hamsters are being force-fed with intravenous Espresso overnight, and everything will be lovely in the morning.
Ummmm... It's as if we've managed to combine the annoying parts of prudent security, and the hideous WTF? risks of laissez-faire but but beguilingly convenient transparent access, and then performed a magical process of distillation which removes both the 'prudent security' and 'convenient transparent access' parts, leaving a highly-refined distillate of 'annoying' and 'WTF?'.
Never mind. I'm sure the hamsters are being force-fed with intravenous Espresso overnight, and everything will be lovely in the morning.
We are working hard on sorting this so that the prudent security and the convenient transparent access become less laissez-faire and beguiling so that the distillation of the login process become disconnected from reality and more a utopian system that knows who you are.
igiveup said:
All my Forum Bookmarks have gone! Although if I click on "My Mates" on the right is a vertical coloumn, which has "My bookmarks" and they are showing in there.
Also "Whats new" has nothing to show, unless I click the 3: 12: 24 :72
Also under "My Topic" And "My Replies" it's blank.
Local Chat also says I need a postcode, was working fine before as I have postcode in profile under "UK Postal Code"
Using Skin "Beta 2" (wish this looked the same on Desktop and mobile as i really like it on Mobile, but its beta so no real complaints)
Desktop (Win 7 using Chrome) Mobile (Android 5.1 using Chrome) and Chromebook (Chrome 42.x.x.x)
There are issues with the cookies that these systems rely on - we are looking at these now.Also "Whats new" has nothing to show, unless I click the 3: 12: 24 :72
Also under "My Topic" And "My Replies" it's blank.
Local Chat also says I need a postcode, was working fine before as I have postcode in profile under "UK Postal Code"
Using Skin "Beta 2" (wish this looked the same on Desktop and mobile as i really like it on Mobile, but its beta so no real complaints)
Desktop (Win 7 using Chrome) Mobile (Android 5.1 using Chrome) and Chromebook (Chrome 42.x.x.x)
Edited by igiveup on Thursday 14th May 07:50
Podie said:
Wrote a long post but it got chewed
Largely the same issues as others.
Does anyone at PH understand the concept of testing and release management? Jeez...
I welcome you to come down and meet the team and understand the processes and challenges we have in place at PH HQ, we might even throw in lunch.Largely the same issues as others.
Does anyone at PH understand the concept of testing and release management? Jeez...
PoleDriver said:
Actually, looking at the 'What's new' problem, it seems to be working properly?
When I first looked at it this morning there were a lot of posts visible since last night. When I looked again there were only posts for the past 10 minutes, so they were 'What's new' since I last accessed it! Selecting past 3 hours brings up what it should!
However, even using the '72' hours button will only go back to about 23:00 last night, this has been the case for some time.
PS. Still no solution to the problems with my 2 logins? and the problems with 'My topics/replies/bookmarks' ?
Hopefully the separate email has sorted the login issues out - the other ones we are looking at right now.When I first looked at it this morning there were a lot of posts visible since last night. When I looked again there were only posts for the past 10 minutes, so they were 'What's new' since I last accessed it! Selecting past 3 hours brings up what it should!
However, even using the '72' hours button will only go back to about 23:00 last night, this has been the case for some time.
PS. Still no solution to the problems with my 2 logins? and the problems with 'My topics/replies/bookmarks' ?
Edited by PoleDriver on Thursday 14th May 07:49
Tanguero said:
For crying out loud - do you not test anything before releasing it? If any of my developers released something as flaky as this heads would be rolling!
Haymarket needs to get in some professional web developers who actually know what they are doing both technically and in terms of product management. This is like amateurs night.
Happy for you to come down and meet the team, we will buy lunch, and see what goes on here so you can make an informed judgement.Haymarket needs to get in some professional web developers who actually know what they are doing both technically and in terms of product management. This is like amateurs night.
anonymous said:
[redacted]
As per previous post - it would be easier to build this functionality into the system than migrate.- Notifications is something we are hoping to bring in the next few months, and the ability to subscribe to a topic or even search term and get notified.
- Layouts are something we are working on, moving them to a better design as part of Beta2 - moving to one supported skin makes this process far easier than supporting the 6 various looks we have
- The system is not checking that the user hasn't submitted the form twice - a known issue that has not been prioritised to fix
- Uploading of images is something we are looking to fix in the next few months
- I will never change the swear filter to fix the Shorpe problem - it is a quirk, and gives the forum character, plus been there for 10 years
Megaflow said:
Big Blue...
ETA: And the what's new still doesn't work. Apparently there has been nothing new since I closed PH at 8:30, until I cam back at 12:13...
Please bring in some professionals to do this work!
I welcome you to come and meet the PH team and see if you think they are professional or not, then maybe you might understand the challenges and complexities to make a more informed comment... there will be a little nice gathering looking at the offers out there ETA: And the what's new still doesn't work. Apparently there has been nothing new since I closed PH at 8:30, until I cam back at 12:13...
Please bring in some professionals to do this work!
Edited by Megaflow on Thursday 14th May 12:18
TankRizzo said:
Oh, I see. That would explain it, plus make life very annoying for lurkers!
As an aside, I get that you're doing SSO from a single system, wouldn't it be better to give the forums a much longer lease on the cookie than you would for Classifieds? I can understand the need for a short expiry on there. The forum, less so.
Yes, it is the fix we are rolling out.As an aside, I get that you're doing SSO from a single system, wouldn't it be better to give the forums a much longer lease on the cookie than you would for Classifieds? I can understand the need for a short expiry on there. The forum, less so.
Gassing Station | Website Feedback | Top of Page | What's New | My Stuff