Creation of a session is prohibited when a session is active

[Robert-Main]

the method for signUp works perfectly and also in the database the user is being added but while trying to login using the same credentials i get this error "Creation of a session is prohibited when a session is active" which wont show even in the terminal where it have occurred

[thanhhung-131]

With this error, you can go to the Auth section of Appwrite -> Click on the account you just registered -> select the session tab, and then delete
I hope this will help you

[Robert-Main]

Thanks... let me try and i will give you the feedback

…

On Sun, 12 May 2024, 19:12 Daiki11101, ***@***.***> wrote: With this error, you can go to the Auth section of Appwrite -> Click on the account you just registered -> select the session tab, and then delete I hope this will help you — Reply to this email directly, view it on GitHub <#23 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AXVZDUYSMHMFJCC4XJBGHLTZB6IIJAVCNFSM6AAAAABHQ3VOF2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMBWGMYDEOJYGA> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[Robert-Main]

it have worked thanks👍👍👍

…

On Mon, 13 May 2024 at 12:05, Robert Main ***@***.***> wrote: Thanks... let me try and i will give you the feedback On Sun, 12 May 2024, 19:12 Daiki11101, ***@***.***> wrote: > With this error, you can go to the Auth section of Appwrite -> Click on > the account you just registered -> select the session tab, and then delete > I hope this will help you > > — > Reply to this email directly, view it on GitHub > <#23 (comment)>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AXVZDUYSMHMFJCC4XJBGHLTZB6IIJAVCNFSM6AAAAABHQ3VOF2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMBWGMYDEOJYGA> > . > You are receiving this because you authored the thread.Message ID: > ***@***.***> >

[ankitjasbeersingh]

Can somebody help me to resolve my issue

[akshayiitr04]

thanks men

[ibra-44]

With this error, you can go to the Auth section of Appwrite -> Click on the account you just registered -> select the session tab, and then delete I hope this will help you

I did exactly what u said , but I couldn't find any active session
and still facing the same issue

[Rahulhanje]

Thanks man it worked

[Uzairkazi695]

i getting the same error. for creating an account and login in both I am facing same problem. in sessions there is nothing then why i am getting this error.


i have tried of clearing sessions also but it did not workout either on creating an account.

[Rahulhanje]

Try this Stop server and Start again

[Uzairkazi695]

i tried multiple times

[Uzairkazi695]

for signup details are stored in DB but at the same time getting an error

[Rahulhanje]

Bro check delete browse locale storage data or else it may have error in configureing the Appwrite i guess
Also try to delete node modules and install again
It may also work

[Uzairkazi695]

Problem is resolved i am deleting all previous sessions when user is trying to log in. by using this method deleteSessions().

[ibra-44]

where are you using deleteSession ?

[BabuP1417]

Problem is resolved i am deleting all previous sessions when user is trying to log in. by using this method deleteSessions().

how

[favio102]

delete manually all session in:
-> browse inspector
-> Application
-> Cookies (click in localhost)
-> Select the session you want to remove
-> right click and delete
-> Try to login again, you will be redirected to /home

[Milton3000]

I solved the issue with the following snippets:

In your appwrite.js you add these two functions:

// Function to check if there is an active session

export const checkActiveSession = async () => {
  try {
    const session = await account.getSession('current'); // Get the current session
    return session !== null; // Return true if there is an active session
  } catch (error) {
    // If there's an error (e.g., no active session), handle it appropriately
    if (error.code === 401) {
      return false; // No active session
    }
    throw error; // Re-throw other unexpected errors
  }
};


// Function to delete all sessions for the current user

export const deleteSessions = async () => {
  try {
    // Get the list of all sessions
    const sessions = await account.listSessions();

    // Delete each session
    await Promise.all(
      sessions.sessions.map(async (session) => {
        await account.deleteSession(session.$id);
      })
    );

    console.log('All sessions deleted successfully');
  } catch (error) {
    console.error('Error deleting sessions:', error.message);
    throw error; // Re-throw the error for further handling
  }
};

Then, you import these two functions and add them into your sign-in.jsx, here is the full one (minus the return):

Full sign-in.jsx (minus the return):

import { View, Text, ScrollView, Image, Alert } from 'react-native'
import React, { useState } from 'react'
import { SafeAreaView } from 'react-native-safe-area-context'
import { images } from "../../constants";
import FormField from '../../components/FormField';
import CustomButton from '../../components/CustomButton';
import { Link, router } from 'expo-router';
import { useGlobalContext } from "../../context/GlobalProvider";
import { getCurrentUser, signIn, checkActiveSession, deleteSessions } from '../../lib/appwrite';

const SignIn = () => {
  const { setUser, setIsLogged } = useGlobalContext();
  const [isSubmitting, setSubmitting] = useState(false)

  const [form, setForm] = useState({
    email: '',
    password: ''
  })

  const submit = async () => {
    if (form.email === "" || form.password === "") {
      Alert.alert("Error", "Please fill in all fields");
      return; // Exit early if validation fails
    }
  
    setSubmitting(true);

    try {
      // Check for an active session
      const activeSession = await checkActiveSession();

      if (activeSession) {
        // Delete the active sessions if one exists
        await deleteSessions();
      }
  
      // Proceed with sign-in
      await signIn(form.email, form.password);
      const result = await getCurrentUser();
      setUser(result);
      setIsLogged(true);
  
      Alert.alert("Success", "User signed in successfully");
      router.replace("/home");
    } catch (error) {
      Alert.alert("Error", error.message);
    } finally {
      setSubmitting(false);
    }
  };

This will first check for an active session, and if there is an active session it will delete it and then proceed to login.

Try and see if it works for you, but I tried 50 different solutions and always ended up with the same problem, and finally, this one works time after time without any issues.

[ibra-44]

it work perfectly , but is that normal for each user loging a message pop out says: user loging successfully , wouldn't be better if there is a way of discarding it ?

[Milton3000]

ibra

Yes of course, I just added it to make sure I saw when the user was logged in - Because there were so many issues around it :)

I'd recommend to remove all of those later!

[Devendra616]

I would suggest appwrite team to resolve it internally. Its quite common if anyone has signed out or not authenticated then he has to signin. His all previous sessions has to be cleared from appwrite itself. This issue I have not found in other framework.

[nelson8013]

I find this approach most ideal as it gives you the flexibility to decide what you want to do with session. you can either delete all session before each login or after ensuring that a session exists for a particular user and is still valid, you can decide to redirect the user to '/intended-route'

import { View, Text, ScrollView, Image, Alert } from 'react-native'
import React, { useState } from 'react'
import { SafeAreaView } from 'react-native-safe-area-context'
import { images } from "../../constants";
import FormField from '../../components/FormField';
import CustomButton from '../../components/CustomButton';
import { Link, router } from 'expo-router';
import { useGlobalContext } from "../../context/GlobalProvider";
import { getCurrentUser, signIn, checkActiveSession, deleteSessions } from '../../lib/appwrite';

const SignIn = () => {
const { setUser, setIsLogged } = useGlobalContext();
const [isSubmitting, setSubmitting] = useState(false)

const [form, setForm] = useState({
email: '',
password: ''
})

const submit = async () => {
if (form.email === "" || form.password === "") {
Alert.alert("Error", "Please fill in all fields");
return; // Exit early if validation fails
}

setSubmitting(true);

try {
  // Check for an active session
  const activeSession = await checkActiveSession();

  if (activeSession) {
    // Delete the active sessions if one exists
    await deleteSessions();
  }

  // Proceed with sign-in
  await signIn(form.email, form.password);
  const result = await getCurrentUser();
  setUser(result);
  setIsLogged(true);

  Alert.alert("Success", "User signed in successfully");
  router.replace("/home");
} catch (error) {
  Alert.alert("Error", error.message);
} finally {
  setSubmitting(false);
}

};

thanks @Milton3000

[nelson8013]

In line with my responds to @Milton3000 's post. I decided to do something with the session if indeed I found out that the user already has an active session instead of deleting it.

I hope this helps

const submit = async () => {
if(!form.email || !form.password) Alert.alert('Error', 'All fields are required')
setIsSubmitting(true);

try {

  //Checking for active session
  const activeSession = await checkActiveSession();

  if(activeSession){
    const result = await getCurrentUser();
    console.log("CURRENT USER:::", result)

    setUser(result)
    setIsLoggedIn(true)
  }else{
    await Login(form.email, form.password);

    console.log("CURRENT USER after login:::", result);

    setUser(result);
    setIsLoggedIn(true);
  }
  
  router.replace('/home')
} catch (error) {
  Alert.alert('Error', error.message)
}finally{
  setIsSubmitting(false)
}

}

[ibra-44]

did you mean that all added code should be deleted?

[ibra-44]

@Milton3000

[nelson8013]

did you mean that all added code should be deleted?

I don't understand the question.

[ibra-44]

@Milton3000 the code you mentioned should be deleted after the session deleted ?

[Uday22BD1A6625]

With this error, you can go to the Auth section of Appwrite -> Click on the account you just registered -> select the session tab, and then delete I hope this will help you

thanks man