Android app version 1.4.18 requests login credentials too often

  • On April 8 2024 I received an update to dynalist app on my android phone (pixel 6 with aprilsecurity update). Viewing the app version, it says 1.4.18.
  • Since then it asks for login credentials too often
  • Steps to reproduce:
  1. Open dynalist app (prompted for login)
  2. Clear dynalist app from memory (by pressing recents button, then swiping up on dynalist) (*)
  3. Open dynalist app again (prompted for login AGAIN)

(*) Note even if I didn’t manually clear the app from memory, android would do it automatically when it needs memory. So the manual step 2 is not necessarily a prerequisite to the problem recurring again and again during routine usage of the phone.

2 Likes

Happening to me as well. I’m using the web app in the meantime until this is fixed. Hopefully it gets resolved soon.

Same with me but it doesn’t even seem to need to be removed from memory to require login. If I start by tapping the icon it always wants login again and sometimes does even when I select it from the running app list.

Totally unusable it its present form.

I tried downgrading to 1.4.17 (from 2022) and it has the same issue, so it’s possible something has changed server-side that’s impacting the mobile app.

That’s weird. I haven’t touched the server code in a while so that shouldn’t be an issue.

Could you guys try completely uninstalling and reinstalling?

I’ve tried fully uninstalling, restarting my phone, then reinstalling, and the issue remains.

Ok I was able to reproduce this problem after relogging on my dev app - this is a new Android OS bug where the cookies only gets saved after 30s.

Once you login, keep the app open for over 30 seconds and that should properly save the cookies. From there on the subsequent restarts shouldn’t have this issue.

@Jayden_Navarro Since you say this also happens in the older version from 2022, this must have been happening for a while already. I guess somehow the update forced a re-log for this user which is now running into it.

Let me know if you guys are able to work around this by waiting 30 seconds.

@Shida I tried keeping the app open for multiple minutes after logging in but the issue is still happening.

The “wait for 30s” trick seems to work for 1.4.17, but on the most recent code version it doesn’t.

I experienced similar issues after updating to 1.4.18, but after reverting back to the previous version, 1.4.17, everything started working properly again. So, it’s definitely related to the changes in the latest version.

1.4.17 just logged me out again. I have no idea how to consistently avoid this on either app version.

I was mistaken. The Play Store updated my sideloaded app from 1.4.17 to 1.4.18, which caused the issue to recur. So similar to @Arty, the app is working properly on 1.4.17 (though I did have to wait for 30s for the cookie to save, if I closed it earlier it wouldn’t keep me logged in even on 1.4.17).

I’ve disabled auto-updating for the Dynalist app, so hopefully it doesn’t break again in the near future.

1 Like

The latest version has no code change at all, and I’ve only bumped the target SDK to 33 as required by the play store to keep the app available, so I’m looking into potential target SDK upgrade issues today.

This is now fixed with a server-side change. The issue was that our server is using an old framework that didn’t support the new “SameSite” attribute and the Android app loads its code locally from within the app. Android 12 (SDK 31 and above) mandated the use of SameSite for cookies which meant that our login cookies were dropped since it’s loaded from a different domain (dynalist.io) than the app’s local code.

I’ve added the SameSite cookie attribute and this seems to have fixed the login issue for me on the latest app version - can someone confirm?

(Remember to keep the app open for 30s after, that bug is in the app!)

1 Like

I have a separate fix for the 30s wait issue that I will release in the next play store update.

Can confirm it’s now keeping me logged in on version 1.4.18. Thanks for fixing!

1 Like

Perfect, thanks for your help testing. I will push out an update soon to remove the need for the 30s wait.

Yes, fixed for me too as long as app was open for 30 seconds after initial login before I clear it from memory. Once I’ve done that initial login for more than 30 seconds then everything works fine even if I open app for less than 30 seconds in later sessions.

By the way that was very fast response. It’s a great app and I appreciate the good work you do.
Thanks!!

1 Like

Fixed for me too. Many thanks to @Shida for the rapid respose.