I am currently getting signed out every minute from lemmy.world. This is not a client side cache issue. I tested making API calls from the command line (with curl) with no cache and the issue still occurs. One call I get the correct response, the next I get a 400 telling me im not signed in.
I’m primarily testing with the https://lemmy.world/api/v3/user/unread_count api endpoint. I’m not sure if this issue occurs with all endpoints.
Reproduction steps:
- Get a lemmy.world JWT token for your account using your desired method (eg. postman).
curl https://lemmy.world/api/v3/user/unread_count?auth={JWT_TOKEN_HERE}- Note the 400 error. If you do not get an error repeat step 2.
Edit
This issue only seems to affect lemmy.world so a temporary workaround is to use a different instance for the time being.
deleted by creator
No. This issue goes a lot deeper than your login information.
deleted by creator
It’s based on my understanding of how servers work and my tests. There is obviously always room for error, but I’m like 99% confident I’m right.
Also AFAIK lemmy doesn’t kick you out because you signed in elsewhere.
deleted by creator
Removed by mod
deleted by creator
Removed by mod
deleted by creator
Removed by mod
Fwiw, the fix literally yesterday was to change your password in certain app/mobile configurations to force invalidate your old token that was signed by the old key.
deleted by creator
Removed by mod