The realm has been migrated to a new server. This may cause some issues due to the browser’s cache.
Most likely, you can resolve them with these steps:
Do we have other issues?
No matter what I do, be it on wolfery or the muklet replacement link on the upgrade side, on mobile I get always the same message when trying to log in:
Missing token
Welcome to the forum, @Soulwing!
I did get that error myself, but once I reloaded completely (CTRL + F5), I got it to work.
So, how do you “reload completely” without cache on mobile?
Maybe one of these suggestions can work:
Almost as tricky here:
I tried everything here, my cashe is now empty and whatnot…still ‚missing Token‘
That is troublesome. It means we might have an issue on iOS/OSX devices.
If so, it is most likely a CORS issue where the cookie containing the authentication token isn’t included in the WebSocket connection to the API. This would be because I changed the endpoint URLs:
| Service | Before | Now |
|---|---|---|
| Client | https://wolfery.com |
no change |
| Authentication | https://wolfery.com/auth |
https://auth.mucklet.com |
| Files (images) | https://wolfery.com/file |
https://file.wolfery.mucklet.com |
| API | wss://api.wolfery.com |
wss://api.wolfery.mucklet.com |
Before, client and authentication was on the same domain (but not subdomain) as the API.
Now, only the authentication endpoint that sets the token cookie is on the same subdomain as the API, while the client is on a completely different domain.
@Tlancaalek, if you see this, don’t you have an iOS device? If so, does it work for you?
I do, and I am able to reproduce the issue, on both my iPad and on macOS (I’m admittedly running an older version of macOS, though). The error message crops up when clicking the login button after filling the username and password in. On the one hand, I get an error on page load:
[Error] Failed to load resource: the server responded with a status of 401 () (authenticate, line 0)
from the resource:
https://auth.mucklet.com/authenticate?noredirect
On the other hand, Microsoft Edge is providing a similar error on page load:
POST https://auth.mucklet.com/authenticate?noredirect 401
Looking at the network tab of the inspector on Safari, that first error that crops up on page load is providing a response of:
{
“code”: “identity.missingToken”,
“message”: “Missing token”
}
That is similar to the response in Edge, which is working okay:
{code: “identity.missingToken”, message: “Missing token”}
However, things diverge sharply after that; I’m seeing a few more resources load on Edge; two attempts to load about:blank (denied), CharPing.worker.worker.js, a favicon, and site.webmanifest.
On submit, login is called, and a 200 response is returned from the POST on both browsers, and both set an auth-token cookie with an origin of https://wolfery.com.
api.wolfery.mucklet.com is where things appear to diverge. On Edge, I see a 101 Switching Protocols response, and an Upgrade: websocket header included in both the request and the response.
On Edge’s inspector, I can’t seem to see the actual data passed in the websocket, or at least, I can’t the way I’m looking at it. On Safari, however, I see:
| Data | Time |
|---|---|
| WebSocket Connection Established | 1646055683.644608 |
| {“id”:1,“method”:“version”,“params”:{“protocol”:“1.2.1”}} | 1646055683.7693396 |
| {“result”:{“protocol”:“1.2.2”},“id”:1} | 1646055683.899142 |
| {“id”:2,“method”:“auth.auth.authenticate”} | 1646055683.8998363 |
| {“error”:{“code”:“auth.missingToken”,“message”:“Missing token”},“id”:2} | 1646055684.028995 |
I’m not sure if that helps narrow things down or not, but let me know if there’s some way I can dig deeper from this end.
Got it. It’s “Messages” under Edge. In Edge, the message after auth.auth.authenticate is
{“result”:{“payload”:null},“id”:2}
Followed by a lot more traffic.
Thank you, Lek! This is really helpful.
The authenticate?noredirect error is expected though:
The client starts by calling the authenticate endpoint to verify if it has a valid token. This also gives the auth-server a chance to update the token cookie, if needed.
This error response should, in case you haven’t logged in, contain the error:
{
“code”: “identity.missingToken”,
“message”: “Missing token”
}
So, that is correct behavior.
Now, after you click Login, you have a call to: auth.mucklet.com/login?noredirect
This is the interesting one, as that one tries to set a new token, which should be included in the connection to the WebSocket API at api.wolfery.mucklet.com
Wait! In Chrome Incognito, I just got the same error. The login?noredirect gave me this error:
It fails to set the cookie? Can you check if it is similar in Safari?
Okay. I think I got it. Safari doesn’t provide a message explicitly saying it’s not setting the cookie, but it appears to either not be set, or it’s simply quietly not providing it when it should.
The fix for this, unfortunately, is to globally disable “Prevent Cross-Site Tracking”, as there’s no way to allow it per-site that I can find.
On iOS, this is in Settings > Safari. Look under the Privacy & Security pane, and the very first option should be “Prevent Cross-Site Tracking.” Turn that off.
On macOS, at least in my admittedly old version, it’s in Safari’s preferences, under Privacy > Website tracking. Uncheck “Prevent cross-site tracking” there.
If this is a concern, you may wish to consider a content blocker of some sort that provides finer-grained control over settings, instead of this built-in setting.
Lovely suggestion @Tlancaalek! Another alternative, that I just set up, is using https://wolfery.mucklet.com/
However, with that link, you will not have access to your old logs, as your browser has stored them under the wolfery.com domain.
I’ve updated the client to show the following error message instead of “Missing token”:
We have issues with Safari and Incognito. See this forum post for solutions.
