You might have noticed, when working in the admin area, that it may have signed you out after refreshing the page, saving content, or simply by being in the admin area.
This occurs as Ozcart has security features to prevent your store from being hijacked by a remote or local hacker.
There are 2 security features to note:
- Token
- Auto idle logout
1. Token
The first security feature is a token that is added to the URL of every admin area page. The token is random and is in this format (take a look at your admin area URL): &token=txA12xefGonCuEzXrLSA1dvRaYTWshBj
Everything after "&token=" gets changed every time you log out and sign back in. This means that if you sign out and then sign back in, you won't be able to use other tabs/windows (in the same browser) that have an older token. Only the newest token/sign-in can be used.
Tip 1: When the system signs you out and you have other tabs opened, you can do the following to regain access to the other tabs: Sign back in in one of the tabs, copy the new token characters (everything after &token=), and paste it over the older token in the other tabs. It will load back the same page but with the new token.
Tip 2: Sign in to the admin area once and then duplicate the page (right click the browser tab and click clone or duplicate) or middle click on other admin area pages to open new tabs. Then, you can work on those pages simultaneously as they'll have the same token.
2. Auto idle logout
The second security feature in Ozcart activates after some hours of being idle (not using the admin area). In that case, you will be signed out of the admin area automatically. This helps prevent someone else from taking over your store if you accidentally left Ozcart open and someone accesses your computer.
It may sometimes go to the login screen on its own, or it may remain in the admin area until you refresh the page or save content.
Important: If you have been working in the admin area for a while but then leave it open for a few hours, upon returning, copy the text you worked on and try saving, or refresh the page and save. Our recommendation is to always save your content before leaving the admin area idle to do something else (e.g., you have the admin area open but are in another tab/window, or you leave your computer for a while). Upon returning, refresh the page to make sure you're still signed in.
FAQs
Can I have multiple windows or tabs opened?
Yes, you can have multiple windows and tabs opened BUT they must all be from the same sign-in (i.e., using the same token).
If 2 or more of your windows or tabs (in the same browser) have the same token, you can use them successfully.
If the token is different, then the most recent sign-in will sign out the previous one. Read Tip 1 under "1. Token" to find out what to do in this situation.
Can I log in to the admin area from different browsers at the same time?
Yes, you can. This means that you can log in to your admin area using both Google Chrome and Firefox at the same time without worrying about the token. Nevertheless, the other above rules still apply, per browser.
