reply with features and bug fixes you’d like to see in Philthy, the lemmy fork that runs on this instance. no guarantees I’ll get to any of them soon, but particularly low-hanging fruit and well-liked features can be prioritized.
reply with features and bug fixes you’d like to see in Philthy, the lemmy fork that runs on this instance. no guarantees I’ll get to any of them soon, but particularly low-hanging fruit and well-liked features can be prioritized.
Fix the bug that you get logged out when refreshing the page sometimes – I’ve noticed this on both Firefox and Safari. The token still exists (at least it’s present in
document.cookie
asjwt
), but for some reason it doesn’t get sent anymore, so Lemmy thinks you’ve been logged out.I’ve actually looked into this already, but didn’t get very far, especially because it doesn’t even happen all the time.
Honestly, just storing it in
localStorage
instead of as a cookie might work …oh yeah, this is a bad one. the
localStorage
idea is a good call.@self @mii I think storing session tokens in
localStorage
is considered unsafe becauselocalStorage
is more open to XSS attacks. The bigger concern, though, is using JWT for session management at all, which is widely considered a bad idea. Here’s one (of many) articles that go into that topic: https://dzone.com/articles/stop-using-jwts-as-session-tokens