reply with features and bug fixes you’d like to see in Philthy, the lemmy fork that runs on this instance. no guarantees I’ll get to any of them soon, but particularly low-hanging fruit and well-liked features can be prioritized.
reply with features and bug fixes you’d like to see in Philthy, the lemmy fork that runs on this instance. no guarantees I’ll get to any of them soon, but particularly low-hanging fruit and well-liked features can be prioritized.
Fix the bug that you get logged out when refreshing the page sometimes – I’ve noticed this on both Firefox and Safari. The token still exists (at least it’s present in
document.cookieasjwt), but for some reason it doesn’t get sent anymore, so Lemmy thinks you’ve been logged out.I’ve actually looked into this already, but didn’t get very far, especially because it doesn’t even happen all the time.
Honestly, just storing it in
localStorageinstead of as a cookie might work …oh yeah, this is a bad one. the
localStorageidea is a good call.@self @mii I think storing session tokens in
localStorageis considered unsafe becauselocalStorageis more open to XSS attacks. The bigger concern, though, is using JWT for session management at all, which is widely considered a bad idea. Here’s one (of many) articles that go into that topic: https://dzone.com/articles/stop-using-jwts-as-session-tokens