nextcloud-passwords-ios icon indicating copy to clipboard operation
nextcloud-passwords-ios copied to clipboard

Published 20 hours ago verified publisher icon johannes-schliephake

App refuses to work when the server is down

Open y0grt opened this issue 1 year ago • 10 comments

Is this the intended behaviour? For example if I have connections issues I should still be able to access to the passwords stored in my phone.

y0grt avatar Mar 21 '23 20:03 y0grt

it's worse than that. after opening the app with the server down I had to configure the server url and log in again.

y0grt avatar Mar 21 '23 21:03 y0grt

I wasn't able to reproduce either of the prioblems. Can you install the TestFlight version of the app and take a look at the log? (You won't loose any data when switching versions.) You can find the log in the app's settings. Especially the case when your server is down would be interesting.

johannes-schliephake avatar Apr 03 '23 21:04 johannes-schliephake

I couldn't check (yet) with the beta version, but today the server was under maintenance (so the reverse proxy presented an invalid cert) and the app dumped me out again. I checked and this was not happening exactly when there is no connection but when something unexpected happens.

y0grt avatar Apr 16 '23 17:04 y0grt

Why does the server use an invalid certificate when it is under maintenance? Is the web server unavailable during maintenance or are we talking about Nextcloud's maintenance mode?

Although the app is designed to handle invalid certificates by warning the user, this might still have something to do with this issue.

johannes-schliephake avatar May 02 '23 21:05 johannes-schliephake

I'm talking here about downtime. When using a reverse proxy routing by SNI with several subdomains behind, if a given backend is not available, the reverse proxy will present a self-signed certificate. Regardless of any external interaction, the user shouldn't lose the possibility of accessing the data in the app. The only case I can think of, is an explicit command from the server indicating that the device should be wiped or the credentials were revoked.

y0grt avatar May 03 '23 07:05 y0grt

That's so weird. When the certificate changes to a self-signed one the app should present a confirmation dialog with details about the certificate. Only if this is denied by the user the app will proceed to log out. Were any other alerts or warnings presented by the app? Otherwise I probably can only investigate further when the issue occurs again and details are logged.

johannes-schliephake avatar May 03 '23 19:05 johannes-schliephake

I can switch off the server, and try again, if you have any easy way to get debug logs. Maybe with the beta version?

y0grt avatar May 08 '23 21:05 y0grt

Exactly, you can find logs in the app's settings of the TestFlight version. Just install, reproduce the issue and you should have an entry in the log.

johannes-schliephake avatar May 09 '23 06:05 johannes-schliephake

I had an issue with my router and during the rebuild i had the server shut down after i had already entered the e2e password. The two days it was down, the app never asked for the e2e password again.. only my phone password.. as soon as the server was up it locked out and required the e2e password again

methosomega avatar May 20 '24 04:05 methosomega

The E2E password is only required when establishing a new session. If you are using the default server configuration that will be the case every 10 minutes. When you are using the app offline the latest session can still be used, at least on device. The session is deleted when hard-closing the app. In that case, even when offline the E2E password is required once to decrypt the containers.

johannes-schliephake avatar Jul 06 '24 11:07 johannes-schliephake