foodsoft icon indicating copy to clipboard operation
foodsoft copied to clipboard

Published 20 hours ago verified publisher icon foodcoops

set cookie expiration

Open carchrae opened this issue 4 years ago • 4 comments

a quick fix for #802

caveat - i have not tested this on the master branch (rails 5) but it works on my fork which uses rails 4.2

carchrae avatar Feb 01 '21 19:02 carchrae

Thanks for the PR! While this would be better with 'continue where I left off', doesn't this make it a non-session-cookie, hence keeping the cookie when the browser window is closed with standards-like behaviour?

wvengen avatar Feb 03 '21 19:02 wvengen

a session cookie is simply one with no expiry set. (and that behaviour can be different as mentioned in the issue). this pr just sets an expiry of one year.

it is contentious because maybe some user will not want that behaviour (eg, they want to have to log in), but frankly i don't see many strong arguments for that as a default. this change will mean you have to click log out to log out.

carchrae avatar Feb 03 '21 19:02 carchrae

Ok, fair enough, thanks for explaining. If anyone has an opinion on this, please join in, otherwise I'd be favoured to merging this after some time.

wvengen avatar Feb 03 '21 20:02 wvengen

i'm ok with adding a "remember me" option, but i don't think that a session cookie should have an expire date, regardless what browsers do. i don't like this to get merged

paroga avatar Feb 04 '21 15:02 paroga