VRMS icon indicating copy to clipboard operation
VRMS copied to clipboard

Published 20 hours ago verified publisher icon hackforla

Increase user session expiration time

Open alex-anakin opened this issue 4 years ago • 0 comments

The task is blocked by:

  • [x] #471

Overview

Currently, the user session expires in 15 minutes after successful authentification. We need to extend this period to 90 days if auth-origin = GOOGLE_ACCOUNT_CHECK. In other cases, it should remain 15 minutes.

Action Items

  • [ ] Fix expiration time on the backend.
  • [ ] Save auth token on a user device using cookies.
  • [ ] Save time when the user visited the app last time
  • [ ] Implement the following logging in logic:
    • if there are no cookies (a new device or cookies were cleaned up) then use the Magic link
    • if the last visit time is more than 20 days then use the Magic link
    • if the last visit time is less than 21 days then log the user in using auth token from cookies (without sending the Magik link to the user) and update the visit time.

alex-anakin avatar Jan 07 '21 09:01 alex-anakin