Plugin Support
Laszlo
(@laszloszalvak)
Hi @chengjianping
I checked the login with Google, and I see an authentication failed error, so actually the login fails.
First of all, please enable the “Debug mode” setting on our “General” tab:
and that way we will write out the error message the next time you try to connect with social login.
Next, you should check if you use:
- any Object Cache ( Object cache is typically loaded by Cache plugins or Must Use / Drop-Ins plugins. So if you use a cache plugin you should check if they have an object cache feature. Otherwise you should check the “Must use” and “Drop-Ins” tabs in the Plugins list.)
- or Varnish ( which is typically coming from the server host. So you should check the Control Panel / WHM of your server host if you see any Varnish specific options there. If you can’t find any, then it is also possible that Varnish is managed on command line level, so you should contact your server host and ask them about it. )
and based on that I will give you more details on what you have to do next.
Best regards,
Laszlo.
Plugin Support
Laszlo
(@laszloszalvak)
Hi @chengjianping
As for your screenshots:
Thank you for the screenshotsm based on them, it seems our “Debug mode” setting is still disabled. Could you enable that please as I requested in my previous reply? Then I will check the login again so we can figure out the actual error message.
Also in your screenshot I can see that you selected a page called “Login and Registration” for both the “OAuth redirect uri proxy page” setting and the “Page for register flow” setting. Did you selected the same page for both settings? Or are those 2 different pages, just you named them the same?
If you used the same page for both settings, then that’s wrong, since as we mention in the description of those settings, you need to create new pages for both of the settings. So in total you need 2 pages:
- one for the “Page for register flow” setting, which needs to contain the suggested shortcode: [nextend_social_login_register_flow]
- and another for the “OAuth redirect uri proxy page” setting, which needs to be completely empty
Please make sure you configured these 2 settings properly.
If you did the necessary changes, and you still see the problem:
Could you check please if you used “Object Cache” and “Varnish” as I mentioned in my previous reply? Since if you use either of those, then I believe the problem will be connected to one of those, and depending on which one you use exactly, I will provide more information.
After the modification, it still doesn’t work. I also cleared the cache, and now it prompts Error: Unable to validate CSRF state. The cache plugin I use is WPRocket
Plugin Support
Laszlo
(@laszloszalvak)
Hi @chengjianping
Thank you for the additional details. Based on your error message, the problem will be indeed Varnish or a misconfigured Object Cache.
As far as I know WP Rocket doesn’t have a built in Object Cache feature, so I don’t think that is the real source of the problem, but just in case you should disable the caching for the 2 pages that you created for our “OAuth redirect uri proxy page” and the “Page for register flow” settings in the page settings of those 2 pages, by enabling the “Never cache this page” option of WP Rocket like you see in their documentation:
Once you excluded the 2 pages from WP Rocket’s caching:
- Go to WordPress > Plugins > Installed plugins and check if you see the “Must use” or “Drop-Ins” tabs there, like you see in the picture of this article:
https://wpmudev.com/blog/wordpress-mu-plugins/#features-mu-plugins
If you see them, then please:
-click on the tab
-take a screenshot of its contents
-then contact us directly over the ticket system: https://nextendweb.com/contact-us/nextend-social-login-support/
-and send us the screenshots. That way I could tell if you have an Object Cache or not
- You should also contact your server host and ask them if they use Varnish. If they do, then they need to exclude both the:
-“SESSnsl” cookie
-“?loginSocial” GET parameter in case of the URLs, as that is usually present in all of our requests.
Note:
I wanted to check the login with social login again, but I am no longer able to reach your /account page as it now redirects to the /login page, which dies with the error:
Forbidden
You don’t have permission to access this resource.
I am not really sure if meanwhile you also made some additional changes e.g. in a security plugin or it is because of a server settings, I just wanted to inform you about this, this may prevent other users accessing your login page as well.
It has been sent. There is an advanced cache plugin in Drop-Ins. Now my account can be logged in. You can check the error prompt
Plugin Support
Laszlo
(@laszloszalvak)
Hi @chengjianping
Thank you we received it, I have just replied to your support ticket.
If you can not find my reply in your inbox, please check the spam and promotions folder as sometimes our email ends up there.
Note: Just to manage this conversation at one place at a time, please reply to message that you received from our ticket system and once we discussed the issue there, I will update this topic with the solution as well, just in case if it helps somebody else, too.
Already received, replied
Plugin Support
Laszlo
(@laszloszalvak)
Just in case if somebody else also encounters a similar problem:
The problem was caused by Varnish cache of the server host. @chengjianping added the 2 exclusion rules we suggested:
- Cookie: SESSnsl
- URL: ?loginSocial
and it resolved the problem.
