Session token expired popup login

  • Resolved ghyootjp

    (@ghyootjp)


    3 years, 9 months ago

    Hi. Can you please advise how to tweak my litespeed cache settings to avoid the message coming up “session token expired please refresh page” refreshing the page does not work btw. This message comes up when I swop users on my website using the Ocean Wp popup login extension. Theme used is ocean Wp. The problem does not exist if I use the standard Woocommerce account page to login. Litespeed cache issue/setting or ocean wp issue?

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Support qtwrk

    (@qtwrk)

    Hi,

    this sounds like a nonce issue

    please provide the report number first

    you can get it in toolbox -> report -> click “send to LiteSpeed”

    Best regards,

    Thread Starter ghyootjp

    (@ghyootjp)

    Ok thank, please advise if you need any more information?
    Report number: PGLRVAFT

    Report date: 02/08/2021 07:38:27

    Plugin Support qtwrk

    (@qtwrk)

    Hi,

    Was that pop up login come from theme ?

    if that so , please do text-search over theme files and looking for keyword “login-security” , please post me what you found

    Best regards,

    Thread Starter ghyootjp

    (@ghyootjp)

    Hi. Yes the popup login is a paid for extra from the Oceanwp theme.

    Please guide me on where to locate the file to perform the search in? Apologies I am not that technical

    Plugin Support qtwrk

    (@qtwrk)

    Hi,

    if it’s paid addon , then maybe you can directly contact the author and kindly ask them : “what is the nonce name it used in that addon”

    Best regards,

    Thread Starter ghyootjp

    (@ghyootjp)

    Message from theme developers. Please check ocean-popup-login.php, line 1256 and template/popup.php line 111
    Do you have a private channel that I can share login information to inspect if required?

    Plugin Support qtwrk

    (@qtwrk)

    Hi,

    no

    just show me the content of these 2 lines you indicated above

    Best regards,

    Thread Starter ghyootjp

    (@ghyootjp)

    // Check CSRF token
    if ( ! check_ajax_referer( ‘opl-login-nonce’, ‘register-security’, false ) ) {
    echo json_encode( array( ‘error’ => true, ‘message’ => ‘<div class=”alert alert-danger”>’. esc_html__( ‘Session token has expired, please reload the page and try again’, ‘ocean-popup-login’ ) .'</div>’ ) );
    die();
    }

    /**
    * Main Ocean_Popup_Login Instance
    *
    * Ensures only one instance of Ocean_Popup_Login is loaded or can be loaded.
    *
    * @since 1.0.0
    * @static
    * @see Ocean_Popup_Login()
    * @return Main Ocean_Popup_Login instance
    */
    public static function instance() {
    if ( is_null( self::$_instance ) )
    self::$_instance = new self();
    return self::$_instance;
    } // End instance()

    /**
    * Load the localisation file.
    * @access public
    * @since 1.0.0
    * @return void
    */

    Plugin Support qtwrk

    (@qtwrk)

    okay please try to go Cache -> ESI -> enable ESI , then add “opl-login-nonce” into nonce ESI list , purge all , and see how it goes

    Thread Starter ghyootjp

    (@ghyootjp)

    Thank you, thats seems to have done the trick. I will monitor and let you know if it maintains.

    Plugin Support qtwrk

    (@qtwrk)

    Hi,

    I’m going to mark this topic “Resolved”, due to lack of activity.

    If you still need help, please feel free to re-open it.

    When re-open it, please also change the topic status to “not solved”

    Best regards,

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Session token expired popup login’ is closed to new replies.