I am currently getting signed out every minute from lemmy.world. This is not a client side cache issue. I tested making API calls from the command line (with curl) with no cache and the issue still occurs. One call I get the correct response, the next I get a 400 telling me im not signed in.

I’m primarily testing with the https://lemmy.world/api/v3/user/unread_count api endpoint. I’m not sure if this issue occurs with all endpoints.

Reproduction steps:

  1. Get a lemmy.world JWT token for your account using your desired method (eg. postman).
  2. curl https://lemmy.world/api/v3/user/unread_count?auth={JWT_TOKEN_HERE}
  3. Note the 400 error. If you do not get an error repeat step 2.

Edit

This issue only seems to affect lemmy.world so a temporary workaround is to use a different instance for the time being.

  • fkn
    link
    11 year ago

    Fwiw, the fix literally yesterday was to change your password in certain app/mobile configurations to force invalidate your old token that was signed by the old key.

    • @[email protected]
      link
      fedilink
      11 year ago

      At the time i was commenting, I didn’t see much information about what was going on, so i just went for the default of asking questions and ruling things out. Didn’t realise it was a significant % of people and that they didn’t even get a chance to stay logged in for a second. When i talked with them they made zero attempts to even honor a word i said when they could have just corrected and filled me in about my clear lack of info. This is why people dont help others any more. I’ve learned my lesson. I’m done.