Unable to login after session timeout

fmaqueda

Hi.
Hoping to get assistance on a strange issue with a fresh installation of osTicket v1.18.2.
When a session timeouts, agents are unable to login until they manually delete the OSTSESSID cookie.

Operating System: Debian 12.4-slim
Database: MariaDB 11.6.2

I'm testing this by changing under Settings > Agents > Agent Session Timeout to 1 minute. A workaround would be to set it to 0, but that's undesired.
Already tried activating the PHP-FPM module and making sure the timezone is the same for the database, operating system, and PHP-FPM, but still the same.
Debugging, I've found out that $user->isValid() in /scp/login.php#L73 keeps returning false, so it redirects to login.php even after the agent just logged in. The $expire variable in /include/class.usersession.php#L94-L96 keeps increasing and isn't being reset even after the session has already expired and the agent has just logged in, so that's where it returns false.
Any ideas of what could be causing this?
Any assistance or how to troubleshoot this would be greatly appreciated.
Thank you.

KevinTheJedi

fmaqueda

There are other recent posts. This is a known issue that’s on our todo. It will be quite some time before we get to it so you’re welcome to take a stab at it.

Cheers.

fmaqueda

Thank you @KevinTheJedi. Is there a GitHub issue or something to keep a track of it?

And as for the time being, what do you suggest as a workaround for it? Just setting the Session Timeout to 0 to bypass it, or perhaps changing my PHP configuration?

KevinTheJedi

fmaqueda

No, we have yet to look into the issue so we do not know what the root cause is. We are tracking it internally and there are threads on this forum where people are adding their +1s.

Cheers.

KevinTheJedi

fmaqueda

An update has been made here:

https://forum.osticket.com/d/106376-login-issue-for-users-on-v1182/18

Cheers.