I’ve started a self hosted rocketchat server (4.3.2). Migrated to wiredtiger. Mongodb 5.0
I use my admin account on the web and mobile. I noticed this is routinely happening. After having the mobile app in the background for some time (maybe a few mins), I reopen it, but nothing gets updated. If I enter a channel, I see the spinner spinning. If I swipe-to-refresh in the channels list, I see “updating…” which doesn’t finish. DMs are also not updating. Then after maybe 10 seconds (but not all the time, sometimes it keeps stuck in that state), I get a message on the mobile app “server logged you out”, and I’m thrown right into the authentication screen to enter my username and password. After signing in, everything immediately updates.
On web app, I’m also forcefully signed out after X amount of time, don’t know, but I had been asked to sign in 3 times on the web app this hour and I didn’t click sign out button for sure.
I’ve seen you reply with this answer to a number of threads and I wonder if it applies to my situation.
We have Javascript running in a browser that tries to log into Rocketchat using the API with a username and password stored on our server. This works the first day but then it stops. Does that mean you can only login once using the REST API and after that you can only use the personal access token for that user? The documentation seems to suggest you can always do a regular login using username and password.
I think the best course of action for you is to move this logic to the server.
If you have a user you already trust (he is already logged into your App), you can then create the user with our APIS with any random password, previously.
Then, when the user clicks the “chat” button in your webapp, your backend will call this API:
This is not the optimal auth method. OAuth fits greatly here, but it will require you supporting it in your App. This resumetoken method will make it hard to login using mobile or desktop app.
You could probably leverage deep links, passing the token to try to allow mobile an desktop usage.
Bear in mind that your tokens, servers info and what not will do a quick pass by our servers, if leveraging deeplinks
Unfortunately a lot of those steps don’t work for us. We’re in a situation where we have to create accounts and channels for users in the back-end but then have the front-end embed rocketchat, jump to a specific pre-created room and have them join a conversation. I can only do the jump-to-channel if our javascript running in the browser has been authenticate.
But we can’t really help you in this specific case except for what Duda ^ and I just commented here, without looking at the script/code you’re using to authenticate.