Prevent Automatic Logout Over HTTP
In this blog post, we'll explore the cause of this problem and provide a step-by-step guide to fix it.
Introduction
If you’re running a LibreChat instance on your local network and find yourself being asked to log in every time you refresh the page, you’re not alone. This issue can be frustrating, but fortunately, there’s a solution. In this blog post, we’ll explore the cause of this problem and provide a step-by-step guide to fix it.
The Cause
When you run the LibreChat server, the cookies are set to “secure” by default in the “production” mode. This security measure is intended to protect user sessions and prevent unauthorized access. However, when accessing the instance on a local network without using localhost or HTTPS, this setting can cause the login prompt to appear on every page refresh.
The Solution
To resolve this issue, we need to override the default configuration and set the appropriate environment for the API service. Here’s how you can do it:
-
If you’re using Docker to run LibreChat, create a new file named
docker-compose.override.yml
in the same directory as yourdocker-compose.yml
file (If you don’t already have one!). -
Open the
docker-compose.override.yml
file and add the following content:
services:
api:
command: npm run backend:dev
-
Save the file.
-
Restart your LibreChat instance using the
docker compose up -d
command.
Conclusion
By adding this override configuration, we’re instructing the API service to run in development mode, which disables the secure cookie setting. This allows users to stay logged in even when refreshing the page on a local network.
It’s important to note that directly modifying the NODE_ENV
variable in the package.json
file or providing it through the .env
or docker-compose.yml
files may not be effective in this case. The override configuration ensures that the appropriate command is executed for the API service.