Malformatted jwt token logout

julianmueller · 10 July 2023 18:32

Hi,
I’m using the Vikunja frontend and API in Dockers on a system alongside a MariaDB. Login from multiple devices and creating tasks in Vikunja works great, I love it! But every time I start each device after some time and refresh the Vikunja frontend webpage, I get logged out with the message “malformatted jwt” in the bottom left corner.

I can access the /api/v1 page of the API Docker and the MariaDB works also fine. I even set the VIKUNJA_SERVICE_JWTSECRET environmental variable in the API docker, but nothing worked.

Do you have any advice I can try? Thanks

kolaente · 10 July 2023 19:43

The jwt token is valid only for 72h by default. You can increase that value in the config. I’d suggest using the “Stay logged in” checkbox though, that will keep you logged in for 30 days (and you can increase that as well).

You should set a jwt secret in the config though, if you don’t do this, all sessions are invalidated every time you restart the api because a new one is generated on startup.

Topic		Replies	Views
JWT secret manually set still results in logout after restart Support	2	940	18 May 2022
Invalid JWT tokens don't properly log you out of the frontend Bug	4	592	15 September 2022
{"message":"missing or malformed jwt"} Support	2	378	27 September 2023
{"message":"missing, malformed, expired or otherwise invalid token provided"} Bug	1	382	24 February 2024
User sessions are lost after restart	2	381	5 August 2022

Malformatted jwt token logout

Related topics