Inspecting the admin logs I can see that they are having to log in repeatedly, but I've just noticed today that each time they do it's from a new IP address:
Code: Select all
94.119.64.2 Susannah Logged In 14 Feb. 2018 12:43:20
94.119.64.19 Susannah Logged In 14 Feb. 2018 12:41:32
94.119.64.2 Susannah Logged In 14 Feb. 2018 12:41:27
94.119.64.7 Susannah Logged In 14 Feb. 2018 12:41:22
94.119.64.10 Susannah Logged In 14 Feb. 2018 12:41:16
Within 20 seconds there we have 4 different IP addresses.
The user that those logs are from was using BT Cloud WiFi in a cafe.
Now I've no idea why the IP is changing all the time, but BT Cloud is pretty much the largest public wifi service here in the UK so if it's something they do that's affecting logins then that's going to be a pain.
So. Has anyone else had this problem? And any suggestions as to how to handle it? I've asked the user to try connecting through a VPN to see if that solves the problem.
On a wider note though - should we be able to handle this anyway? Even if IP addresses change why is that breaking the session? If I swap VPN servers I definitely get logged out of admin - but if we're using a cookie based auth id then that should be ok shouldn't it....