Users getting logged out of iOS

[wcjord]

Bug Description

We've had many users report getting logged out of the app when they leave and come back. I've experienced it as well.

It seems to just be iOS. I've never seen it on web. I don't have an Android.

Steps to Reproduce

1. Log in. (maybe just on iOS)
2. Close the app.
3. Wait some time (not clear how much)
4. Open the app and you're logged out.

It's not clear

Expected Behavior

Shouldn't log out.

App Version

current version as of July 23, 2024

Additional Platform Information

all reports are just iOS as I can recall

Additional Context

No response

[wcjord]

@ggurdin This is difficult to directly test. I suggest looking at the logic and trying to figure out what could be different about iOS from web and Android. See if there's some kind of test we can devise to investigate functionality, probably of the method of storing the log in data? That's my first guess.

[ggurdin]

simolus3/drift#1810 (comment)

Seems like this could be a promising resolution to the error, but looks like it's already in our code, and was in our code at the time of the last release

[ggurdin]

Happens in openDatabase call at line 120 builder.dart
version: 1 is passed to OpenDatabaseOptions
database.dart's implementation of openDatabase calls database.doOpen, which calls the version of doOpen in database_mixin

if (options.version != null), then call getVersion() in sqlite_api.dart, which calls _db.txnGetVersion(_txn)

The line that causes the error is final rows = await txnRawQuery(txn, 'PRAGMA user_version', null);

[ggurdin]

https://discuss.zetetic.net/t/flutter-sqlcipher-issue-since-ios-15/5166

[ggurdin]

https://discuss.zetetic.net/t/important-advisory-sqlcipher-with-xcode-8-and-new-sdks/1688

[wcjord]

@ggurdin is our additional logging live on mobile? has it caught anything on sentry?

[ggurdin]

Yes it's live. I'll check sentry

[ggurdin]

https://pangea-chat.sentry.io/issues/5420564298/events/867ad16ba1ed4caaaf8e31b8d6ea651a/

It looks like the cipher is null, which means the call to getDatabaseCipher() returned null. It tried to read the encryption key that should have been stored in FlutterSecureStorage when the DB was initially created, for some reason could not read it (or maybe it wasn't there).

If the attempt to read from secure storage caused an error, that would cause the function to return null.
If it didn't cause an error (and just returned null), it would have tried to create a new encryption key, store that in secure storage, and return that. If there was an error in that process, it should have left a sentry breadcrumb about encryption not being available on the platform, but I'm not seeing that in the sentry logs.

[wcjord]

What’s the next step? More logs? Direct testing of something? Will Jordan-Cooley CEO and Founder Pangea Chat <https://www.pangeachat.com>

…

On Thu, Aug 22, 2024 at 1:55 PM ggurdin ***@***.***> wrote: https://pangea-chat.sentry.io/issues/5420564298/events/867ad16ba1ed4caaaf8e31b8d6ea651a/ It looks like the cipher is null, which means the call to getDatabaseCipher() returned null. It tried to read the encryption key that should have been stored in FlutterSecureStorage when the DB was initially created, for some reason could not read it (or maybe it wasn't there). If the attempt to read from secure storage caused an error, that would cause the function to return null. If it didn't cause an error (and just returned null), it would have tried to create a new encryption key, store that in secure storage, and return that. If there was an error in that process, it should have left a sentry breadcrumb about encryption not being available on the platform, but I'm not seeing that in the sentry logs. — Reply to this email directly, view it on GitHub <#509 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AHYPKFOGSHF6LHQIDB3UGZLZSYQYDAVCNFSM6AAAAABLKYIGQWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMBVGMZDONRYGU> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[ggurdin]

Next steps I think would be researching any known bugs with FlutterSecureStorage on iOS, and then from there either adding more logging and/or a potential fix based on any info I find.

[ggurdin]

mogol/flutter_secure_storage#532
mogol/flutter_secure_storage#524

Seems like these could give some direction for next steps. The issues they're describing sound similar to our own.
I have add extra logging and the fixes described in the above issue conversations, and upload a version with those fixes to testflight for you to test with @wcjord? That way we wouldn't have to upload a new iOS production build.

[wcjord]

Yup, sounds good! I've got on my to-dos to test that version!

…

On Fri, Aug 23, 2024 at 11:44 AM ggurdin ***@***.***> wrote: mogol/flutter_secure_storage#532 <mogol/flutter_secure_storage#532> mogol/flutter_secure_storage#524 <mogol/flutter_secure_storage#524> Seems like these could give some direction for next steps. The issues they're describing sound similar to our own. I have add extra logging and the fixes described in the above issue conversations, and upload a version with those fixes to testflight for you to test with @wcjord <https://github.com/wcjord>? That way we wouldn't have to upload a new iOS production build. — Reply to this email directly, view it on GitHub <#509 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AHYPKFPLLOEVARJLC7XFWFTZS5KENAVCNFSM6AAAAABLKYIGQWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMBXGM2DQNZUGM> . You are receiving this because you were mentioned.Message ID: ***@***.***>

-- Will Jordan-Cooley CEO and Founder Pangea Chat <https://www.pangeachat.com>