Google Chrome (on Android, not on MacOS) AND Safari (on IOS) yield an error when trying to log in. Tor (on Android) does the job perfectly. The error is “Invalid form token. Please reload this form and submit again” + “Welcome back! You are already logged in.”. All mobile users are confronted with this error. Putting some logging in the validate function in Concrete>src>Validation>CSRF>Token.php shows that the login action is executed twice:
Date,Level,Channel,User,Message
“Feb 10, 2023, 10:00:13 AM”,INFO,Application,Guest,“login_concrete 10:00:13”
“Feb 10, 2023, 10:00:13 AM”,INFO,Application,Guest,“10:00:11 3f0a7806f865e0807f32e580763186d8”
“Feb 10, 2023, 10:00:13 AM”,INFO,Application,admin,name of user logged in
“Feb 10, 2023, 10:00:16 AM”,INFO,Application,admin,“login_concrete 10:00:16”
“Feb 10, 2023, 10:00:16 AM”,INFO,Application,admin,“10:00:11 3f0a7806f865e0807f32e580763186d8”
“Feb 10, 2023, 10:18:49 AM”,INFO,Application,admin,“do_logout 10:18:49”
“Feb 10, 2023, 10:18:49 AM”,INFO,Application,admin,“10:01:45 d31ad6cb04bc957d224b64d8cc7e406b”
“Feb 10, 2023, 10:18:54 AM”,INFO,Application,Guest,“login_concrete 10:18:54”
“Feb 10, 2023, 10:18:54 AM”,INFO,Application,Guest,“10:18:52 ddba656924d804da2a1bbe355c31fda4”
“Feb 10, 2023, 10:18:55 AM”,INFO,Application,admin,name of user logged in
“Feb 10, 2023, 10:18:57 AM”,INFO,Application,admin,“login_concrete 10:18:57”
“Feb 10, 2023, 10:18:57 AM”,INFO,Application,admin,“10:18:52 ddba656924d804da2a1bbe355c31fda4”