You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This did work as expected - user was logged out after 60 seconds. However, I also noticed that the cookie, which holds session id does not have Expires/Max-Age set, which means that this is essentially a Session cookie which might get deleted after browser restart.
This causes a problem where expiration_in_seconds is set to a longer period (months, for example), but user still needs to relogin after each browser restart.
That kind of a behavior was unexpected to me since I would have expected that the cookie expiration will be the same as expiration_in_seconds. I did not also find any mentions about this behavior in the README.
I managed to solve this problem with the following configuration:
I expected a problem where I did configure
Plug.Session
like this:This did work as expected - user was logged out after 60 seconds. However, I also noticed that the cookie, which holds session id does not have
Expires/Max-Age
set, which means that this is essentially aSession
cookie which might get deleted after browser restart.This causes a problem where
expiration_in_seconds
is set to a longer period (months, for example), but user still needs to relogin after each browser restart.That kind of a behavior was unexpected to me since I would have expected that the cookie expiration will be the same as
expiration_in_seconds
. I did not also find any mentions about this behavior in the README.I managed to solve this problem with the following configuration:
If this behavior is intentional then maybe at least mention it in the README?
The text was updated successfully, but these errors were encountered: