Teachers are logged out when they turn editing on, etc.

Teachers are logged out when they turn editing on, etc.

by Brian Jeong -
Number of replies: 6

I'm new to Moodle.

I installed Moodle like this:
CentOS 8
PostgreSQL 12.1
Apache 2.24.43 (https)
PHP 7.3.18 (PHP-FPM)
Redis 5.0.3 (igbinary, phpredis) for sessions
Moodle 3.8.3 (CLI installation from Git Repo)
Login with Custom OAuth2 Server from SIS. (session records are generated well in Redis when users login, and no problem to log in)
Moodle Web Service API functions are called frequently to sync info with SIS.

Now testing with instructors, but some teachers are reporting that they are kicked out of our moodle site so they have to login again and again. This does not happen for other actions like browsing info in the site, but interestingly DOES only when they TURN EDITING ON in their courses, or when they change some settings for the courses such as grading options. It never happens to me as a site admin.

Error Code: error/moodle/confirmsesskeybad
https://docs.moodle.org/38/en/error/moodle/confirmsesskeybad

"This error occurs when you have an invalid unique session key. This is usually caused by hard-coding a Moodle URL into your course / site or by an attempt to circumvent the session key"

What does "This is usually caused by hard-coding a Moodle URL into your course / site" mean?
How can I check whether it is or not?

FYI, this happens after I changed cron job period from 3 * * * * (1:03, 2:03, 3:03, ...)  to * * * * *. (1:01, 1:02, 1:03, ...), but doubt it's related.

Please Help! Any Suggestions will be so appreciated.

Average of ratings: -
In reply to Brian Jeong

Re: Teachers are logged out when they turn editing on, etc.

by Brian Jeong -
We've got another error message:

A required parameter (sesskey) was missing.
Debug info:
Error code: missingparam
Average of ratings: -
In reply to Brian Jeong

Re: Teachers are logged out when they turn editing on, etc.

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
If you create manual account test users do they have the same problem? If you switch off Redis sessions do you have the same problem?

Obviously, try one at a time wink

If you haven't got Debugging on already, make sure it's on all the way to Developer. Check your web server error log.
Average of ratings: -
In reply to Howard Miller

Re: Teachers are logged out when they turn editing on, etc.

by Brian Jeong -
All accounts are manual.
Turning off redis does not help.
Debugging mode : developer.

Checked Apache Error Logs, and I found many optional_hook_import:errors. I'm now googling about that.

BTW, http/2 is enabled, shoud I  turn it off?
Average of ratings: -
In reply to Brian Jeong

Re: Teachers are logged out when they turn editing on, etc.

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
You said, "Login with Custom OAuth2 Server from SIS".... so what does that mean?

Can you copy and paste the exact error you are seeing?

I don't know anything much about http/2. I don't know anybody who uses it (well, you). I seriously doubt anybody tests Moodle with it. If in doubt, turn it off. 
Average of ratings: -
In reply to Howard Miller

Re: Teachers are logged out when they turn editing on, etc.

by Brian Jeong -
Found the culprit!

We create moodle users using moodle web services from our SIS each semester. Regarding the api call to create uesrs, we use a tweak that we set 'auth' values to 'nologin' not to send emails cuz new students already get tons of emails from school. I was supposed to update 'auth' from 'nologin' to 'manual' but forgot that action. my bad.

Here's my experiment:
If I switch 'auth' value from mdl_user table between 'manual' and 'nologin' back and forth, the user can login for both cases, but gets kicked out soon for some actions when the value is 'nologin'.

So, 'nologin' doesn't completely block users from signing in, but it blocks handling session some ways.

Anyway, problem solved, we just added some code to update 'auth' value to 'manual' when syncing enrollments for courses of each semester.

I wish moodle had better error messaging and documentations for error codes. Hope it will be improved. smile

P.S. http/2 works fine. feels faster when dashboard has many blocks.
Average of ratings: -
In reply to Brian Jeong

Re: Teachers are logged out when they turn editing on, etc.

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
Moodle's errors are usually pretty good as long as you have Developer level debugging enabled. Sometimes you have to have a look at the code to see what's going on.

If you do get a truly useless message (I would sack anybody who coded "an unknown error occurred" big grin ) please log it in the bug tracker.
Average of ratings: -