We are using couchbase lite 1.3.1 and sync gateway 1.3.1. Our users login to the app once, get a sync gateway session, and then don’t need to login or re-authenticate again (session is non-expiring). We started having authentication issues recently and I was looking into users’ sync gateway sessions and noticed that the session document has a channels list in it (in userCtx object). Our users’ channels change a lot though after they have logged in. Does it matter that the users’ actual channel lists do not match the ones in the cookies they are using?
Hi, thanks for posting that. I’m going to try to dig in further.
Have you observed any incorrect behavior? If so, can you give a more detailed description of exactly what’s happening vs what you’re expecting? For example, can you verify that users are not able see documents they are expected to see?
It looks like the root cause of our issue was that user cookies were disappearing off the client. I don’t think it was related to the channels in the cookie not matching the user’s current channels. As far as I can tell the channels in the cookie are irrelevent and sync gateway always uses the user’s current channels from their user doc (internal sync gateway one in _users) to determine channel access.
That’s correct - on session-based authentication, the user context is reloaded based on the username associated with the session. There’s no reuse of any channel information from the session document.