While this is a guess, it's possible for your CSRF Token to get "out of sync" temporarily, causing a temporary authentication failure. The CSRF token is a security token which validates your connection to the REST API. If your token stored in your browser is out of sync with the one your REST API expects, then the REST API will return an authentication failure. However, as part of that authentication failure, your REST API will also return a new CSRF token to re-sync the tokens. So, if they ever get unsynced, they will resync again immediately. But, this can result in behavior where a login appears to fail, and then succeeds on the second try.
The CSRF token would rarely get out of sync for a normal DSpace user. It's most likely to happen if an advanced user is logging in first through the UI, and then separately through the REST API (Hal Browser) in the same browser. That's my best guess on what you may have been seeing. Tim ________________________________ From: [email protected] <[email protected]> on behalf of Tianyi Gu <[email protected]> Sent: Monday, November 1, 2021 10:02 AM To: DSpace Technical Support <[email protected]> Subject: [dspace-tech] Myth: Site Admin lost periodically Hello, Happy Monday everyone and hope you have a great ahead! Last Friday, I could not login DSpace with my site admin. However, I have no problem to login this morning with the same password and admin user name. I had another DSpace instance. The same issue happened on that instance as well. Anyone could give any ideas on that? Thank you, Tianyi -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/42e038c9-1d95-498c-8606-5b378deb27fen%40googlegroups.com<https://groups.google.com/d/msgid/dspace-tech/42e038c9-1d95-498c-8606-5b378deb27fen%40googlegroups.com?utm_medium=email&utm_source=footer>. -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/DM5PR2201MB11489DB7463D2CAF808C1EC6ED8A9%40DM5PR2201MB1148.namprd22.prod.outlook.com.
