Unintentional logout when reloading the page

[technocidal]

Steps to reproduce

• Open the web app and log in with a user of type Account
• Navigate to some page (e.g. Applications) and refresh the page in browser multiple times

Actual result

The user is logged out and the message The server cannot be reached is shown on the login screen.

Expected result

User should remain logged in after the page was refreshed.

Additional info

• This logging out doesn't occur for Admin and SP users.
• During our internal investigation, we discovered that this is probably an issue that occurs when the web app runs behind a proxy like Kubernetes with an ingress controller. As we are still deploying the web app using express we were able to configure express to trust proxies. This seems to solve the issue. The serve package that is currently used by this project does not seem to have this particular configuration option.

[xquanluu]

The server cannot be reached

this message is shown when the webapp is not able to send request to jambonz-api-server. When this happen, jambonz webapp will cleanup token and logout the current user.

Could you give me more hint on how expresss changes will help the webapp is able to connect tp jambonz-api-server?

[technocidal]

Express historically has had some issues when running behind proxies (e.g. k8s loadbalancer like Traefik) which also seems to be the case with Vercel serve. So for us the issue wasn't really that the api-server was not reachable but rather that multiple request to the web app quickly one after the other were not handled correctly. When we configured Express like described in their documentation (app.set('trust proxies, 1)) the issue went away for us.