cms icon indicating copy to clipboard operation
cms copied to clipboard
verified publisher icon craftcms

not able to login: Unable to verify your data submission

Open mdoorschodt opened this issue 4 years ago • 5 comments

Description

On a pretty frequent basis (multiple times a week) we cannot login to the cms. After filling in the username and password, we get the following message:

Bad Request Unable to verify your data submission.

Even in an anonymous window we are not able to login The only way to fix this in chrome is to completely wipe the browser cache and restart chrome

Steps to reproduce

  1. logging in to CMS

Additional info

PHP version 7.4.28
Linux 4.19.0-18-amd64
MySQL 8.0.25
GD 7.4.28
Craft Pro 3.7.30.1

mdoorschodt avatar Mar 11 '22 08:03 mdoorschodt

@mdoorschodt Sounds like a PHP session issue... is this in a load-balanced web server setup?

angrybrad avatar Mar 11 '22 16:03 angrybrad

Hello Brad,

Yes, the login issues are indeed happening on a load-balanced web server. Though both (I believe there are two Craft instances running) are using the same Redis instance for cache and sessions. We applied the example found here: https://craftcms.com/docs/3.x/config/#redis-example-2

Regards, Boudewijn

On Fri, Mar 11, 2022 at 8:03 PM Mark Doorschodt @.***> wrote:

Begin doorgestuurd bericht: Van: Brad Bell @.***>

Datum: 11 maart 2022 om 17:30:38 CET Aan: craftcms/cms @.> Kopie: mdoorschodt @.>, Mention @.> Onderwerp: Antw: [craftcms/cms] not able to login: Unable to verify your data submission (Issue #10733) Antwoord aan: craftcms/cms < @.>



@mdoorschodt https://github.com/mdoorschodt Sounds like a PHP session issue... is this in a load-balanced web server setup?

— Reply to this email directly, view it on GitHub https://github.com/craftcms/cms/issues/10733#issuecomment-1065277795, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABJZZMM6BPNYW2C7IR7B4D3U7NYKVANCNFSM5QPAGREA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

mdoorschodt avatar Mar 12 '22 10:03 mdoorschodt

I was also seeing this on a Nitro instance - it was occurring when I accessed the site over http and not https, the first ever time I tried to login. The error that the login form displayed was just "undefined" in red text.

It's a bit annoying as the browser will default to http if you just type in the hostname on its own. It's really easy to miss, just spent 45 minutes trying to figure out what was happening. 🤦

Might be nice if nitro forwarded http by default? If that's not too aggressive.

tomkiss avatar May 18 '22 09:05 tomkiss

Yeah this has been known to happen when you access a site via HTTPS and then later access it via HTTP. If you want to stick with HTTP, you may have to clear out your browser cookies.

brandonkelly avatar May 19 '22 14:05 brandonkelly

We ran into the "unable to verify data submission" and it turned out that someone set the "defaultCookieDomain" in config/general.php to ".ddev.site" which broke any environment not using .ddev.site as a domain.

BenMenking avatar Jul 11 '23 13:07 BenMenking