8

I'm working with a project in Odoo and I have enabled google Sign in. The problem is, when a user tries to log in from different browsers at the same time, only the latest log in session is retained and the older ones are expiring.

For example - I sign in to Odoo using google on chrome and then sign in on Mozilla firefox. At this point if I refresh my page on chrome where I signed in, I will be logged out and will be asked to sign in again but I'm still signed in on firefox.

After a lot of considerations, it came to my mind that probably the old refresh tokens are expiring. However on the official docs, I saw this:

A token might stop working for one of these reasons:

  • The user has revoked access.
  • The token has not been used for six months.
  • The user account has exceeded a certain number of token requests.

If this is not the case then why can't I stay signed in from multiple browsers at the same time? What should I do in order to stay signed in using google from multiple browsers?

Any help would be appreciated!

Community
  • 1
  • 1
solving12
  • 255
  • 5
  • 16

1 Answers1

4

I don't know much about Odoo but most likely this is due to the policy of odoo that they support login session for an account only from one place (and expire older sessions). I'm sure the same applies to when you sign-in with a password that you will only have one session.

When you use login with Google (or other methods), most of the applications issue their own credentials (cookies etc) and they decide the lifetime of a session (most don't tie these to Google session). I suspect that is what you are experiencing here.

The previous tokens don't become invalid for the same app when a new token is issued (up to a limit roughly 25).

nvnagr
  • 2,017
  • 1
  • 14
  • 11
  • Hello @nvnagr, could you show me where exactly Odoo mentions "that they support login session for an account only from one place (and expire older sessions)"? – solving12 Sep 01 '15 at 13:10
  • well, do you have any authentic link proving it? – solving12 Sep 01 '15 at 14:39
  • When I sign in via username - password, my older tokens don't expire. And refreshing from multiple browsers at the same time does not cause the older session to logout. – solving12 Sep 07 '15 at 12:12
  • Interesting info about the username and password. Did you enable other IDPs and check the behavior? If you see this only with Google, then try this with a test Google account and we can try to investigate further. – nvnagr Sep 08 '15 at 05:46
  • No I didn't try it with anything else like Facebook, etc. Just google. What exactly do you mean by "try this with a test Google account"? – solving12 Sep 08 '15 at 08:41