Support » Plugin: SameSite Cookies » Can’t log in after installing your plugin

  • Resolved chantalf

    (@chantalf)


    Hi, I installed your plugin yesterday and now we are logged out of the site, can’t log in as admin or subscriber. The page just reloads the login page showing we are logged out.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Ayesh Karunaratne

    (@ayeshrajans)

    You can remove the plugin files by deleting the directory. I will investigate and push an update with fixes, of which there are a few with similar reports.

    Thread Starter chantalf

    (@chantalf)

    Thanks so much, will do!

    This seems like a duplicate of https://wordpress.org/support/topic/refreshes-login-screen-when-logging-in/

    Login only works if “Remember Me” is selected, otherwise users are just redirected back to the login screen.

    When I log in and it fails:

    
    set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure
    set-cookie: wordpress_sec_dcfecb4f7f4693ded9f0540a1d77266b=seravo%7C1603390318%7CWwBZ0e1TqBKjL6xX8qH0ZHW9sru0e0TNsgDnSgMHfGU%7C13e42107dd0073bf6a0b648f38ae4af81830b30c50f0d0a9e90a26b1333bd5df;expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;path=%2Fwp-content%2Fplugins;domain=;secure;httponly;SameSite=None
    set-cookie: wordpress_sec_dcfecb4f7f4693ded9f0540a1d77266b=seravo%7C1603390318%7CWwBZ0e1TqBKjL6xX8qH0ZHW9sru0e0TNsgDnSgMHfGU%7C13e42107dd0073bf6a0b648f38ae4af81830b30c50f0d0a9e90a26b1333bd5df;expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;path=%2Fwp-admin;domain=;secure;httponly;SameSite=None
    set-cookie: wordpress_logged_in_dcfecb4f7f4693ded9f0540a1d77266b=seravo%7C1603390318%7CWwBZ0e1TqBKjL6xX8qH0ZHW9sru0e0TNsgDnSgMHfGU%7C0de35ac9c7667d2c21aa85c70177c419bc449454b909278f862a96986413ed3b;expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;path=%2F;domain=;secure;httponly;SameSite=None
    set-cookie: wordpress_user_sw_dcfecb4f7f4693ded9f0540a1d77266b=+; expires=Mon, 21-Oct-2019 18:11:58 GMT; Max-Age=0; path=/
    set-cookie: wordpress_user_sw_secure_dcfecb4f7f4693ded9f0540a1d77266b=+; expires=Mon, 21-Oct-2019 18:11:58 GMT; Max-Age=0; path=/
    set-cookie: wordpress_user_sw_olduser_dcfecb4f7f4693ded9f0540a1d77266b=+; expires=Mon, 21-Oct-2019 18:11:58 GMT; Max-Age=0; path=/
    

    Note expiry time!

    When I select “Remember me” and it works:

    
    set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure
    set-cookie: wordpress_sec_dcfecb4f7f4693ded9f0540a1d77266b=seravo%7C1604427186%7Cn6NprWMvzxd17i2VtsX7ZFI79ygZZpKDXLroG3JZylB%7C730c7e29358b26d6fab4c28628a1cade618b19224f22d386a459486b05d64b74;expires=Wed, 04-Nov-2020 06:13:06 GMT;Max-Age=1252800;path=%2Fwp-content%2Fplugins;domain=;secure;httponly;SameSite=None
    set-cookie: wordpress_sec_dcfecb4f7f4693ded9f0540a1d77266b=seravo%7C1604427186%7Cn6NprWMvzxd17i2VtsX7ZFI79ygZZpKDXLroG3JZylB%7C730c7e29358b26d6fab4c28628a1cade618b19224f22d386a459486b05d64b74;expires=Wed, 04-Nov-2020 06:13:06 GMT;Max-Age=1252800;path=%2Fwp-admin;domain=;secure;httponly;SameSite=None
    set-cookie: wordpress_logged_in_dcfecb4f7f4693ded9f0540a1d77266b=seravo%7C1604427186%7Cn6NprWMvzxd17i2VtsX7ZFI79ygZZpKDXLroG3JZylB%7C3d8c3509c9db07390241cbcde794ea4b55bea126c94837b3e1e244ec07ad2164;expires=Wed, 04-Nov-2020 06:13:06 GMT;Max-Age=1252800;path=%2F;domain=;secure;httponly;SameSite=None
    set-cookie: wordpress_user_sw_dcfecb4f7f4693ded9f0540a1d77266b=+; expires=Mon, 21-Oct-2019 18:13:06 GMT; Max-Age=0; path=/
    set-cookie: wordpress_user_sw_secure_dcfecb4f7f4693ded9f0540a1d77266b=+; expires=Mon, 21-Oct-2019 18:13:06 GMT; Max-Age=0; path=/
    set-cookie: wordpress_user_sw_olduser_dcfecb4f7f4693ded9f0540a1d77266b=+; expires=Mon, 21-Oct-2019 18:13:06 GMT; Max-Age=0; path=/
    

    I fixed this now with a mu-plugin:

    
    commit 4b6579336ab7e966c2fd5cc4c52c2fa0d3de737e (HEAD -> master)
    Author: Seravo Admin <no-reply@seravo.com>
    Date:   Thu Oct 29 12:40:02 2020 +0200
    
        Always use "Remember me" to circumvent bug in plugin Samesite
        
        https://wordpress.org/support/topic/cant-log-in-after-installing-your-plugin/#post-13559023
    
    diff --git a/htdocs/wp-content/mu-plugins/always-remember-login.php b/htdocs/wp-content/mu-plugins/always-remember-login.php
    new file mode 100644
    index 0000000..0c200d0
    --- /dev/null
    +++ b/htdocs/wp-content/mu-plugins/always-remember-login.php
    @@ -0,0 +1,9 @@
    +<?php
    +function login_checked_remember_me() {
    +  add_filter( 'login_footer', 'rememberme_checked' );
    +}
    +
    +add_action( 'login_enqueue_scripts', 'login_checked_remember_me', 100 );
    +function rememberme_checked() {
    +  echo "<script>document.getElementById('rememberme').checked = true;</script>";
    +}
    

    I had the same problem with the login loop, and noticed that if the “remember me” option was checked, it worked. Using the “Snippets” plugin, I added this code to fix it by always checking the option, then hiding it so it can’t be unchecked.

    add_action(
        'init',
        function() {
            add_filter(
                'login_footer',
                function() {
                    echo "<script type='text/javascript'>document.querySelector('#rememberme').checked = true; document.querySelector('.forgetmenot').style.display = 'none';</script>";
                }
            );
        }
    );
    • This reply was modified 6 months, 1 week ago by voicefeed.
    Plugin Author Ayesh Karunaratne

    (@ayeshrajans)

    I just released v1.5 of this plugin for a fix that it sent a negative expiration time, making browsers immediately remove the cookie. I think that version should fix the issue. Thank you.

Viewing 7 replies - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.