Changes to Slipmat login / authentication

Site Development
, ,
#1

Heads up, slippers!

Slipmat backend services were upgraded earlier this week with some security hardening (1) for our authentication and logging in. Due to this, the cookies for some users might be out of date. If you encounter weird issues on the main site or live events, please empty your browser cookies and local storage for Slipmat.

Temporary workaround: login in private / incognito mode

Automatic session cleanup

  1. Visit here: https://slipmat.io/m/logout-damnit/
  2. Refresh the login page before logging in

Manual fix

You need to delete all cookies and local storage data from your browser.

Detailed instructions for FireFox (desktop)

  1. Open Preferences
  2. Select “Privacy and Security” and scroll to “Cookies and Site Data”
  3. Click “Manage data…”
  4. Search slipmat and delete everything from “slipmat.io” (just the main site, leave backstage and others alone)
  5. Go to https://slipmat.io/account/login/ , then force refresh the page (Ctrl+F5 on Windows / Shift + Command + R on Mac), and finally log back in

Detailed instructions for Chrome (desktop)

  1. Open a new tab and paste in this URL: chrome://settings/cookies/detail?site=slipmat.io&search=cookies
  2. Click “Remove all”
  3. Go to https://slipmat.io/account/login/ , then force refresh the page, and finally log back in

PS. If you have the option to choose, please don’t use Chrome. It spies on you and uses dark patterns to collect your data. Use for example Brave (privacy enhanced Chrome) or FireFox (independent and good-for-the-web alternative) instead.

This is a one-time thing and well worth the security gains, apologies for the hassle!

  1. We updated the main session cookies to be http-only, tweaked CORS-settings and changed the cookie domain to point explicitly to “slipmat.io” to enable cross-site communication for upcoming new DJ Dasboard. These changes help prevent possible XSS attacks and increase the overall security of our auth system.

Second update: the automatic hotfix doesn’t work for all of our users so for the time being it’s advisable to use the manual instructions, they are 100% effective.

4 Likes
I can't comment any more
Bugs noticed after last big update
Can\t create new event
DJ-admin panel just keep spinning and wont show anything
DJ-admin panel just keep spinning and wont show anything