Logout happening periodically despite passing `disableIdle: true` in `idleOptions`

Question

Logout happening periodically despite passing `disableIdle: true` in `idleOptions`

paulyoung opened this issue 2 years ago · comments

Describe the bug

During local development I noticed that I was getting logged out after iterating on something for a while that requires being logged in.

I started doing AuthClient.create({ idleOptions: { disableIdle: true }) to try and prevent this but it's still happening. I stepped through the code and I can confirm that an idleManager isn't being created.

Is this expected behavior, or a known issue?

To Reproduce
Steps to reproduce the behavior:

Create an auth client as described above
Authenticate using local internet identity
Leave a browser window open for a while
Refresh the page after a while
Confirm that you are logged out

Expected behavior
You remain logged in until you explicitly log out

Desktop (please complete the following information):

macOS Monterey Version 12.2.1 (21D62)
Brave Version 1.36.119 Chromium: 99.0.4844.83 (Official Build) (arm64)

Additional context

$ cat package-lock.json | grep dfinity
    "@dfinity/agent": {
      "resolved": "https://registry.npmjs.org/@dfinity/agent/-/agent-0.11.1.tgz",
    "@dfinity/auth-client": {
      "resolved": "https://registry.npmjs.org/@dfinity/auth-client/-/auth-client-0.11.1.tgz",
    "@dfinity/authentication": {
      "resolved": "https://registry.npmjs.org/@dfinity/authentication/-/authentication-0.11.1.tgz",
    "@dfinity/candid": {
      "resolved": "https://registry.npmjs.org/@dfinity/candid/-/candid-0.11.1.tgz",
    "@dfinity/identity": {
      "resolved": "https://registry.npmjs.org/@dfinity/identity/-/identity-0.11.1.tgz",
    "@dfinity/principal": {
      "resolved": "https://registry.npmjs.org/@dfinity/principal/-/principal-0.11.1.tgz",

Paul Young · Answer 1 · Thu May 26 2022 05:27:42 GMT+0800 (China Standard Time)

I took a look at local storage and can see that delegations under ic-delegation have an expiration field so I assume that's related to what I'm experiencing.

Paul Young · Answer 2 · Thu May 26 2022 05:52:53 GMT+0800 (China Standard Time)

I just experienced this again. Confirming that local storage doesn't contain the ic-identity and ic-delegation keys anymore.

Paul Young · Answer 3 · Sun Jun 05 2022 14:34:36 GMT+0800 (China Standard Time)

I suspect that maxTimeToLive is relevant here.

https://forum.dfinity.org/t/clarity-on-the-maxtimetolive-passed-in-authclient-for-internet-identity/13493?u=paulyoung

Kai Peacock · Answer 4 · Fri Jun 24 2022 02:26:10 GMT+0800 (China Standard Time)

Do you think that maxTimeToLive is not being set correctly? The new default has been lowered to 8 hours, and came in conjunction with the idleManager changes. DisableIdle is not meant to have an affect on the maxTimeToLive setting

gabrielnic · Answer 5 · Tue Jul 12 2022 01:10:22 GMT+0800 (China Standard Time)

Just for posterity it seems that passing both disableIdle: true, // set to true to disable idle timeout, disableDefaultIdleCallback: true, does the trick

Kai Peacock · Answer 6 · Tue Aug 02 2022 06:31:21 GMT+0800 (China Standard Time)

Hmm, disableIdle intuitively ought to cover the default callback too, so I should make sure that is correct

Alexey Chirkov · Answer 7 · Mon Jan 09 2023 21:35:11 GMT+0800 (China Standard Time)

Hmm, disableIdle intuitively ought to cover the default callback too, so I should make sure that is correct

Dear Kyle, logout happens because _handleSuccess methods creates idleManager despite the fact that the idleOptions are {disableIdle: true} (at line 325)

I think idleOptions.disableIdle value should be checked also in constructor of AuthClient and _handleSuccess method.