Does it matter if a user's current channels list does not match the channels list in their sync gateway session?


#1

We are using couchbase lite 1.3.1 and sync gateway 1.3.1. Our users login to the app once, get a sync gateway session, and then don’t need to login or re-authenticate again (session is non-expiring). We started having authentication issues recently and I was looking into users’ sync gateway sessions and noticed that the session document has a channels list in it (in userCtx object). Our users’ channels change a lot though after they have logged in. Does it matter that the users’ actual channel lists do not match the ones in the cookies they are using?


#2

Hi, thanks for posting that. I’m going to try to dig in further.

Have you observed any incorrect behavior? If so, can you give a more detailed description of exactly what’s happening vs what you’re expecting? For example, can you verify that users are not able see documents they are expected to see?


#3

It looks like the root cause of our issue was that user cookies were disappearing off the client. I don’t think it was related to the channels in the cookie not matching the user’s current channels. As far as I can tell the channels in the cookie are irrelevent and sync gateway always uses the user’s current channels from their user doc (internal sync gateway one in _users) to determine channel access.


#4

That’s correct - on session-based authentication, the user context is reloaded based on the username associated with the session. There’s no reuse of any channel information from the session document.