users can't log in (invalid csrf token)

krvam

hello, my users/agents can't login.

ntozier

I do not see anything obvious right out the gates.

Does your db timezone, PHP timezone, and osTicket Timezone all match?

I'll ask a dev to take a look at this.

krvam

ntozier I think this can generate the problem?
Where did I modify that option?

krvam

ntozier where is located db timezone?

ntozier

You can run a SQL query to get it

SELECT @@GLOBAL.time_zone, @@SESSION.time_zone;

Also this article might assist you to make sure that they are set correctly everywhere
https://howtohelpdesk.com/how-to-set-time-zone-in-osticket/

krvam

ntozier

KevinTheJedi

@krvam

That means MySQL is using the server’s timezone.

Cheers.

krvam

KevinTheJedi Thanks, the server timezone its okay its using the same configuration that the tickets that are in production.
They are even hosted on the same server ..
How can the token be deactivated?

KevinTheJedi

@krvam

You can't really. They are a vital part of the software. Not only do we use it to see if an Agent is logged in, but we also store a ton of information in the session. You will need to figure out why the time is showing different.

If I were you, I would look at the IIS error logs, PHP error logs, and MySQL error logs to see if there are any related errors when attempting to login. The error Invalid CSRF Token is pretty generic and doesn't provide us with any helpful information other than you have invalid tokens.

Cheers.

krvam

KevinTheJedi From the server I can access the best, what I cannot access is from another computer.
Can it have something to do with the url being in a port?
example tickets.mydomain.com:82/scp

KevinTheJedi

@krvam

So, when you access the helpdesk from the server osTicket is hosted on, you can login just fine but if you attempt to login from an external source you cannot login? Sounds like some webserver issues to me.

Cheers.

krvam

KevinTheJedi Exactly, but the webserver is the same that helpdesk in production, and this work perfect..

KevinTheJedi

@krvam

Well obviously if you have the "same" setup and one is working flawlessly and one is not, then something is not right with the one not working. This seems like environment/server issues to me which is out of our scope.

Cheers.