coldfront icon indicating copy to clipboard operation
coldfront copied to clipboard

Published 20 hours ago verified publisher icon ubccr

Expire sessions X seconds after the last activity

Open aebruno opened this issue 3 years ago • 1 comments

Currently, sessions expire after 15 minutes. This is hard coded in settings here. What we really want is to keep the session alive as long as the user is doing something. Once they become inactive after X seconds, the session should expire.

Let's make the following modifications:

  1. Use this module django-session-timeout in auth.py
  2. Add support for setting SESSION_EXPIRE_SECONDS and SESSION_EXPIRE_AFTER_LAST_ACTIVITY via env variables.
  3. We probably need to unset SESSION_COOKIE_AGE or set session to expire at browser close. See here

aebruno avatar Sep 08 '22 17:09 aebruno

@aebruno I thought this time out was related to mokey/openid because we have the same issue with OnDemand.

dsajdak avatar Sep 12 '22 12:09 dsajdak