isLoggedIn property returning false every time

PabloCanalSuarez · February 19, 2021, 6:31pm

Hi, I’m using the new library solid-client-authn-browser to create the authentication method of my app, and I can’t manage to make it work.

I’ve followed this guide that Inrupt provides, and here’s my code:

export function initLogin() {
    if (!getDefaultSession().info.isLoggedIn) {
        return login({
            oidcIssuer: solidProviders.INRUPT,
            redirectUrl: propertiesSolid.redirectUriLogin
        });
    }
}

export async function handleAfterLogin() {
    await handleIncomingRedirect(propertiesSolid.redirectUriLogin);

    const session = getDefaultSession();
    console.log(session);

    // SolidCache.getInstance().setSolidSession(getDefaultSession())
}

The second function handleAfterLogin is called at the page where the user must be redirected after login, but the getDefaultSession() property returns the following:

1. info:
  1. isLoggedIn: false
  2. sessionId: "8ef427a6-ea6c-4d3d-af19-64f215f985e1"
  3. webId: undefined
  4. __proto__: Object

And even when I refresh the webpage, the property isLoggedIn is always false.

Why is this happening?

Vincent · February 22, 2021, 8:38am

Hi @PabloCanalSuarez (love the username ). The function handleIncomingRedirect needs to be passed the page’s query parameters to obtain all the information needed to finalise the request. I’m guessing that propertiesSolid.redirectUriLogin is a predefined constant URL, rather than the actual current location (i.e. window.location.href). Thus, if you pass it window.location.href, it should start to work.

(In fact, that parameter isn’t even required - I’ll submit a PR to the docs to remove that. If you don’t provide one, it will automatically use window.location.href.)

PabloCanalSuarez · February 22, 2021, 12:56pm

Hi @Vincent, I just checked what you said about taking as parameter the window.location.href and now the login process is working as it should, returning isLoggedIn as true. Thank you very much!!!

I’ve just encountered another issue, and I’m not sure if this is something that I’m doing wrong or if it’s the proper behavior. When I refresh the page after achieving a successful login process, the isLoggedIn property of the Session returns false.

Why is this happening? The user is still logged in the Provider, so I don’t get why it appears as a not logged user.

Vincent · February 22, 2021, 2:13pm

Unfortunately, that is the result of solid-client-authn-browser not having a secure way to preserve the session across page refreshes, which is reported here: Does not stay logged in after refresh · Issue #423 · inrupt/solid-client-authn-js · GitHub

The good news is that people have likely figured out a way to do this securely after all. If you look at the pull requests of that repository, there are a couple of them that should together address this issue (via what’s called “silent authentication”), so hopefully a new release will arrive shortly that will fix this issue for you.

PabloCanalSuarez · February 22, 2021, 7:39pm

Thank you very much for the info!!