admin icon indicating copy to clipboard operation
admin copied to clipboard
verified publisher icon sleeping-owl

MAC is invalid in $session->setId($this->encrypter->decrypt($cookie))

Open DionisioFG opened this issue 10 years ago • 6 comments

Hi,

I searched for this issue but i did not find anything about it.

I am having an error in two applications in the same domain ( domain/a, domain/b):

SleepingOwl/Admin/Helpers/StartSession.php line 44 "MAC is invalid" in $session->setId($this->encrypter->decrypt($cookie))

To check this error:

  • I clear the browser cache.
  • I enter in domain/a without problems.
  • I enter in domain/b and give me this error
  • I clear the browser cache
  • I enter in domain/b without problems.
  • I enter in domain/a and give me this error.

It seems that it is problem of 2 or more applications in the same domain

DionisioFG avatar Aug 19 '15 07:08 DionisioFG

The MAC is invalid

I have this problem too.More seriously csrf-token and laravel_token seems to be constant!!!

followtheart avatar Aug 27 '15 16:08 followtheart

Same Problem here.

Squarius avatar Aug 28 '15 12:08 Squarius

I delete browser's cookies and sessions,and it works fine now.

followtheart avatar Aug 28 '15 12:08 followtheart

Thanks. That helped.

Squarius avatar Aug 29 '15 07:08 Squarius

Hello to all, I probably found the problem, and it's located into SleepingOwl/Admin/Helpers/StartSession.php line 44 as says @DionisioFG.

The same situation appear also when you try to navigate a site in HTTP, than navigate the same site in HTTPS.

My solution is to wrap the line 44, into try/catch:

try{
$session->setId($this->encrypter->decrypt($cookie));
}catch (\Exception $exc){}

this solves the problem. I'll do a pull request about this soon.

denistorresan avatar Oct 01 '15 07:10 denistorresan

Hello, I fixed the issues and created a pull request to the main repo:

https://github.com/sleeping-owl/admin/pull/253

denistorresan avatar Oct 01 '15 07:10 denistorresan