Closed
Bug 1199941
Opened 9 years ago
Closed 9 years ago
inactive sessions should expire faster (a week?)
Categories
(bugzilla.mozilla.org :: General, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: dveditz, Assigned: glob)
Details
Attachments
(1 file)
616 bytes,
patch
|
dkl
:
review+
|
Details | Diff | Splinter Review |
I was exploring the new sessions tab on the bugzilla userprefs page and found some really old sessions from my home IP address. I assume these were from fresh browser profiles I create when testing bugs against various old branches. The oldest of them hadn't logged in since July 30, nearly a month ago. That's excessive for an inactive session. If someone hasn't used their session for a week (or two, max) we should make them log in again.
Heck, I use two different web mail providers that make me log in once a week even when I'm using their site daily.
this sounds reasonable.
the only place where i think this may cause issues is api clients logging in to get a token and assuming that it will be valid for 30 days. they could either detect the expired token, or switch to api-keys.
Comment 2•9 years ago
|
||
Comment on attachment 8654734 [details] [diff] [review]
1199941_1.patch
Review of attachment 8654734 [details] [diff] [review]:
-----------------------------------------------------------------
r=dkl
Attachment #8654734 -
Flags: review?(dkl) → review+
To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git
8a5c7c7..91eac6e master -> master
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•