Clients keep getting signed-out

PopeRigby · September 20, 2020, 1:06am

System

Nextcloud version (eg, 18.0.2): 19.0.3
Operating system and version (eg, Ubuntu 20.04): Debian 10

The issue you are facing:

Nextcloud keeps logging me out of my clients. It seems to mostly happen with my desktop client running on ArchLinux, but it occasionally happens with the Android client as well. It happens daily with the desktop client, and I haven’t been able to keep track of how often it happens with the Android client.

Is this the first time you’ve seen this error? (Y/N):

No

Steps to replicate it:

Log into the desktop client
Wait for it to log you out

The output of your Nextcloud log in Admin > Logging:

The output of your config.php file in `/path/to/nextcloud`:

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'trusted_proxies' =>
  array (
    0 => 'letsencrypt',
  ),
  'overwrite.cli.url' => 'https://cloud.haddock.cc/',
  'overwritehost' => 'cloud.haddock.cc',
  'overwriteprotocol' => 'https',
  'trusted_domains' =>
  array (
    0 => 'cloud.haddock.cc',
  ),
  'instanceid' => 'REDACTED',
  'passwordsalt' => 'REDACTED',
  'secret' => 'REDACTED',
  'dbtype' => 'mysql',
  'version' => '18.0.7.1',
  'dbname' => 'nextcloud',
  'dbhost' => 'nextcloud-db:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'nextcloud',
  'dbpassword' => 'REDACTED',
  'mysql.utf8mb4' => true,
  'installed' => true,
  'mail_from_address' => 'mail',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'pipe',
  'mail_domain' => 'haddock.cc',
  'twofactor_enforced' => 'false',
  'twofactor_enforced_groups' =>
  array (
    0 => 'admin',
  ),
  'twofactor_enforced_excluded_groups' =>
  array (
  ),
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
  'mail_smtpport' => '465',
  'mail_smtphost' => 'smtp.sendgrid.net',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'apikey',
  'mail_smtppassword' => 'REDACTED',
  'mail_smtpsecure' => 'ssl',
);

nazo · September 21, 2020, 8:02am

I am having the same issues in Ubuntu 18.04

PopeRigby · September 21, 2020, 4:20pm

Forgot to mention that my desktop operating system is Arch Linux.

PopeRigby · September 24, 2020, 4:48am

It’s got to have something to do with an expiring token. I’m getting a wrong username of password error on Android

PopeRigby · September 25, 2020, 6:17pm

Also getting this, even though I only tried to login once:

You getting this stuff too @nazo?

nazo · September 29, 2020, 6:27am

No, I think my issue was different. It was related to SSL certificate. Somehow, after sometime, the NextCloud Desktop client used to disconnect, and then the router tried to issue an SSL certificate.

Later, I figured out that in my wife setting, I had configured both primary DNS resolver (pi hole), and 1.1.1.1 as fall back secondary resolver. This was somehow creating conflict. So I removed the secondary resolver, and left it empty. Now I don’t have this issue.

PopeRigby · September 29, 2020, 7:06am

Hopefully that’s my problem too. I just got a new router so I’ll see if it’s still broken.

PopeRigby · September 30, 2020, 6:14pm

That doesn’t seem to have been my problem. But this could be useful, this is what Nextcloud desktop tells me:

DevOps · September 13, 2021, 5:26am

I think this isn’t just an issue with the clients I also keep getting logged out from the web portal I am on NextCloud version 22 with apache web server on centos7

MadMe86 · April 16, 2022, 11:31am

Hey There!
i just made an observation that might be of interest:
I got the same symptom which is described above.
Got a logged out Client. → Logs in on browser → short while (<0,5h) the client says it is offline. The browser shortly before…
The only change i made recently was to add my FIFO2 sticks and my Smartphone as WebAuthn device…
After i removed them and a login Cycle, it works again like it should

Later i want to add the Devices again to try provoke the error. If it can be reproduced i will file an issue in Github…

OS: Arch Linux
Client Up to date (3.4.4-2)
Server(22.2.0)

MadMe86 · April 16, 2022, 8:18pm

So i just readded one FIDO Stick and it happened again… :-/

bb77 · April 17, 2022, 7:04am

Hi @MadMe86

Did you re-login all the apps and devices after you enabled 2FA? Most likely there is still an app active on some device in your network that has not been re-logged in and triggers the brute force protection of your Nextcloud. Btw. For apps and devices that don’t support LoginFlow and therefore can’t use your FIDO sticks to log-in, you have to create an app password under Settings → Personal → Security and use that instead of your normal password + 2FA.

AxTi · April 17, 2022, 8:23am

I have the same problem. The client applicaiton on my two Arch Linux systems keeps getting logged out after around every 10 minute. This problem have never occurred on my Windows or Debian systems. Still looking for a solution.

MadMe86 · April 18, 2022, 12:22pm

Hello @bb77
I have not enabled 2FA, just added the devices for WebAuthN
If it was the brute force protection it should imho display as triggered Brute force protection in the logs. There were only messages like: user login failed from ip…
After I updated my nextcloud instance to 22.2.6 and added the devices again… The disconnects did not appear till now… let’s hope the best…

@AxTi have you installed an keyring?
I read that if it is missing the client fails to store the auth token.
So you log in, you get the auth token and the client requests the session token, which might be 10 minutes valid.
But it fails to store the auth token. So when it is time to refresh the token, it can’t get the auth token from the keyring… So the login fails

When I am home, i will check the client logs maybe there is something relevant…

alerque · September 14, 2022, 9:08pm

I’m one of the current maintainers of the Arch Linux packaging. I wasn’t on this package until recently, but this is an isssue I’ve seen off and on myself over the years. I don’t know what’s triggering it yet. In my case I suspect having a coustom keyring handler is part of my problem on the desktop, but I also have problems with the Android client.

I don’t have 2FA involved, but do use OIDC for user logins.

What else should we even be looking at here? Are sever logs going to show why clients are being logged out? If so where?

TijuanaKez · February 22, 2023, 11:03pm

Same thing here. I have 2 iMacs (1 Big Sur, one Ventura), 2 MacBooks (1 Catalina, 1 Big Sur) and a Windows 10 Desktop client, all logged into one account (or trying to be) but they all get periodically logged off throughout the day. It’s super annoying because every time I want to do something with Nextcloud files, I have to remember to check the app to see if it’s been logged off or not.

Nextcloud server version 25.0.3
Mac client 3.7.3

Being that it’s on so many different systems, it can’t be a problem specific to any machine or desktop client.

Is there a particular log that might show some more information as to why the client keep getting logged off?

kelsonv · August 31, 2023, 1:39am

If I may add another data point here:

I was seeing this on a laptop running Arch Linux when I logged into an LXQt session, but not when I logged into KDE/Plasma.

Under LXQt, I found if I closed the Nextcloud app without logging in again, unlocked KWallet manually, then re-launched Nextcloud, it found the existing login credentials from before.

I finally solved it by enabling the KWallet PAM Socket Connector in my LXQt Autostart settings. So it opens the wallet as I log in, and then Nextcloud finds the login tokens just fine.

So it seems to be an issue with a keyring manager not running until after it’s needed.

That said, I also have the same symptoms on a Macbook. I’ll have to check on the keyring settings there next time I open it up and see if it’s the same underlying issue.