Clients keep getting signed-out

System

Nextcloud version (eg, 18.0.2): 19.0.3
Operating system and version (eg, Ubuntu 20.04): Debian 10

The issue you are facing:

Nextcloud keeps logging me out of my clients. It seems to mostly happen with my desktop client running on ArchLinux, but it occasionally happens with the Android client as well. It happens daily with the desktop client, and I haven’t been able to keep track of how often it happens with the Android client.

Is this the first time you’ve seen this error? (Y/N):

No

Steps to replicate it:

  1. Log into the desktop client
  2. Wait for it to log you out

The output of your Nextcloud log in Admin > Logging:

The output of your config.php file in /path/to/nextcloud:

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'trusted_proxies' =>
  array (
    0 => 'letsencrypt',
  ),
  'overwrite.cli.url' => 'https://cloud.haddock.cc/',
  'overwritehost' => 'cloud.haddock.cc',
  'overwriteprotocol' => 'https',
  'trusted_domains' =>
  array (
    0 => 'cloud.haddock.cc',
  ),
  'instanceid' => 'REDACTED',
  'passwordsalt' => 'REDACTED',
  'secret' => 'REDACTED',
  'dbtype' => 'mysql',
  'version' => '18.0.7.1',
  'dbname' => 'nextcloud',
  'dbhost' => 'nextcloud-db:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'nextcloud',
  'dbpassword' => 'REDACTED',
  'mysql.utf8mb4' => true,
  'installed' => true,
  'mail_from_address' => 'mail',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'pipe',
  'mail_domain' => 'haddock.cc',
  'twofactor_enforced' => 'false',
  'twofactor_enforced_groups' =>
  array (
    0 => 'admin',
  ),
  'twofactor_enforced_excluded_groups' =>
  array (
  ),
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
  'mail_smtpport' => '465',
  'mail_smtphost' => 'smtp.sendgrid.net',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'apikey',
  'mail_smtppassword' => 'REDACTED',
  'mail_smtpsecure' => 'ssl',
);

1 Like

I am having the same issues in Ubuntu 18.04

1 Like

Forgot to mention that my desktop operating system is Arch Linux.

It’s got to have something to do with an expiring token. I’m getting a wrong username of password error on Android

Also getting this, even though I only tried to login once:

You getting this stuff too @nazo?

No, I think my issue was different. It was related to SSL certificate. Somehow, after sometime, the NextCloud Desktop client used to disconnect, and then the router tried to issue an SSL certificate.

Later, I figured out that in my wife setting, I had configured both primary DNS resolver (pi hole), and 1.1.1.1 as fall back secondary resolver. This was somehow creating conflict. So I removed the secondary resolver, and left it empty. Now I don’t have this issue.

Hopefully that’s my problem too. I just got a new router so I’ll see if it’s still broken.

That doesn’t seem to have been my problem. But this could be useful, this is what Nextcloud desktop tells me:
T_20200930_111340

I think this isn’t just an issue with the clients I also keep getting logged out from the web portal I am on NextCloud version 22 with apache web server on centos7

Hey There!
i just made an observation that might be of interest:
I got the same symptom which is described above.
Got a logged out Client. → Logs in on browser → short while (<0,5h) the client says it is offline. The browser shortly before…
The only change i made recently was to add my FIFO2 sticks and my Smartphone as WebAuthn device…
After i removed them and a login Cycle, it works again like it should :slight_smile:

Later i want to add the Devices again to try provoke the error. If it can be reproduced i will file an issue in Github…

OS: Arch Linux
Client Up to date (3.4.4-2)
Server(22.2.0)

So i just readded one FIDO Stick and it happened again… :-/

Hi @MadMe86

Did you re-login all the apps and devices after you enabled 2FA? Most likely there is still an app active on some device in your network that has not been re-logged in and triggers the brute force protection of your Nextcloud. Btw. For apps and devices that don’t support LoginFlow and therefore can’t use your FIDO sticks to log-in, you have to create an app password under Settings → Personal → Security and use that instead of your normal password + 2FA.

I have the same problem. The client applicaiton on my two Arch Linux systems keeps getting logged out after around every 10 minute. This problem have never occurred on my Windows or Debian systems. Still looking for a solution.

Hello @bb77
I have not enabled 2FA, just added the devices for WebAuthN
If it was the brute force protection it should imho display as triggered Brute force protection in the logs. There were only messages like: user login failed from ip…
After I updated my nextcloud instance to 22.2.6 and added the devices again… The disconnects did not appear till now… let’s hope the best…

@AxTi have you installed an keyring?
I read that if it is missing the client fails to store the auth token.
So you log in, you get the auth token and the client requests the session token, which might be 10 minutes valid.
But it fails to store the auth token. So when it is time to refresh the token, it can’t get the auth token from the keyring… So the login fails

When I am home, i will check the client logs maybe there is something relevant…