REST: User login session expires

anton-aleksandrov · November 12, 2015, 6:31am

I registered a user and signed in to the app from my web app. But after leaving it idle for sometime (about 12 hrs), I performed the same DB operation again, and I got an error:

"code":3064,"message":"Not existing user token. Relogin user to update your user token"

Should I login the user everytime?

kate-maksimenko · November 12, 2015, 12:58pm

Hi Anton!

Do you have any custom configuration here?
Regards,
Kate.

anton-aleksandrov · November 12, 2015, 1:02pm

No configurations there, that was the first thing i’ve checked

kate-maksimenko · November 12, 2015, 2:06pm

By default user session inactivity timeout is 30 days.
Maybe you login the same user several times?

anton-aleksandrov · November 12, 2015, 2:10pm

I almost sure i didn’t, but i will check it

Also, i will Enable Session Timeout and set it to 2592000, which is equal to 30 days

anton-aleksandrov · November 13, 2015, 3:20am

Now i’m sure, i didn’t login the same user several times, and this issue happen only after leaving it idle for sometime - less, than 7 hours. Also, i’ve set Session Timeout to 2592000 yesterday, but it doesn’t help.

mark-piller · November 15, 2015, 11:09pm

Anton, we have an internal ticket for this problem. A developer is investigating it.

Mark

anton-aleksandrov · November 16, 2015, 7:14pm

I’ve just began to receive this message permanently, can’t login or signup anymore

mark-piller · November 16, 2015, 7:17pm

What error do you get when you try logging in?

anton-aleksandrov · November 16, 2015, 7:20pm

3064 Not existing user token. Relogin user to update your user token. The same when i’m attempting to signup

mark-piller · November 16, 2015, 7:31pm

What is the reason for sending the user-token header for the login operation? I do not think you need to do that.

anton-aleksandrov · November 16, 2015, 7:32pm

i don’t, i even don’t have it, when user is not logged in

mark-piller · November 16, 2015, 7:35pm

Interesting. Any chance you could email me the following (mark@backendless.com):

app id REST secret key login info for a valid user from the Users table

anton-aleksandrov · November 16, 2015, 7:35pm

now it’s works fine again. I’ve changed nothing

yuriy · June 12, 2016, 2:50pm

I think I have same problem. Webapp is being developed, but I usually work with only one user credentials and with only one browser. I did not set “Enable Session Timeout” and yet after about a day (maybe even less, not sure) I’m receiving error when checking Backendless.UserService.isValidLogin()

https://api.backendless.com/v1/users/isvalidusertoken/267DF9DE-27D3-D19D-FF4D-7F8306776E00 400 (Bad Request)
(I’m logged now and forgot to look error code, but I think it was 3064 “Not existing user token. Relogin user to update your user token”)
What should I do to make it work for more time?

yuriy · June 13, 2016, 7:48pm

Ok, turns out I occasionally logged in from another computer for this particular user, probably that was the reason of short session on first computer, since I didn’t set “Enable Multiple Logins”. Although I thought error message would be different for that case.
I’ll look more with another user and make sure only one browser was used.