After getting logged out, valid private session links don't work unless you clear cookies

frin

Yesterday my sessions were randomly invalidated so I was logged out, but that is another issue (I don't understand why I was logged out since I didn't change email/password/2fa and I didn't log out manually).

Then I logged in Orion successfully and stored the new private session link in all my browser and devices.

At another location in Chrome I still had the old session token, refreshing kagi.com showed the login form. I pasted the new private session link and I keep getting redirected to https://kagi.com/signin?p=invalid_token - there is no way to get them working in normal non-incognito mode unless I delete all cookies for kagi.com in that browser.

This happens every time after getting logged out.

Expected behavior:

No matter what my cookie state is, private session link should erase old cookie and initialize the new one with the private session link's session.

I had this happen in both Orion and Chrome, latest versions.

Vlad

frin Can you please post exact steps to reproduce (1. 2. 3. ...)

frin

Vlad I tried to reproduce it but I can't by just signing out and reusing other session, maybe it is time related that something expires on the old cookie and it just doesn't get reset. The way it happened is:

On machine A I logged in in normal mode and used private session link in incognito
Few hours later, on machine B I reused private session link
Some time later somehow my session was invalidated so I was logged out of every browser and device, I had to log back in on machine B
Next day on machine A I refreshed the page with the old session and sign up/log in page showed, I tried pasting the new private session link from machine A that is still valid and was redirected to https://kagi.com/signin?p=invalid_token

The private session link did not work until I cleared the cookie for kagi.com, then it worked.

I will see if it happens again and see what cookies are active when I get logged out and before pasting the link, and after pasting the link. Anywhere I can post those cookie contents privately if it happens again, f.ex. on Discord?

Vlad

frin Sure if you find reliable steps to reproduce you can ping me on Discord

frin

This can be closed as I have not experienced it since.

Ninja

This is still happening. I noticed it when using Kagi search from Alfred. It started working when I cleared the cookies after reading this thread.