Security token causing login issues

Pydio 8.0.2 from RPM on CentOS 7.x latest.

I just got the latest version of Pydio working and logged out to test other accounts, I am now locked out it seems. I am getting “It seems your security token expired” then some javascript, then it says to please refresh your browser. I have deleted the cookies and tried again. Still same thing. I am using MariaDB as backend.

Here are the logs:
[Mon Jan 29 11:49:19.352132 2018] [:error] [pid 4026] [client 10.1.10.50:56542] PHP Warning: Unknown: POST Content-Length of 78 bytes exceeds the limit of 5 bytes in Unknown on line 0, referer: http://fileserver01.dev.stl1.domain.net/pydio/
[Mon Jan 29 11:49:19.393862 2018] [:error] [pid 4026] [client 10.1.10.50:56542] [PYDIO] IP 10.1.10.50 | user shared | Error | error l.70 | from SecureTokenMiddleware.php | message=You are not allowed to access this resource., referer: http://fileserver01.dev.stl1.domain.net/pydio/

Nevermind. Fixed it. Had my upload size way to high.

Sorry, can you elaborate further? In which way does the upload size interfere with the security token middleware? And what upload size have you set to fix it? (I’m assuming you’re talking about a php.ini config option).

I’m just wondering because I managed to ‘break’ the Duo Security plugin I had for two-step authentication and wish to get rid of it — since none of my users can log in, not even the admins, all failing with the error you’ve described.