Closed Bug 1199941 Opened 9 years ago Closed 9 years ago

inactive sessions should expire faster (a week?)

Categories

(bugzilla.mozilla.org :: General, defect)

Production
defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: dveditz, Assigned: glob)

Details

Attachments

(1 file)

I was exploring the new sessions tab on the bugzilla userprefs page and found some really old sessions from my home IP address. I assume these were from fresh browser profiles I create when testing bugs against various old branches. The oldest of them hadn't logged in since July 30, nearly a month ago. That's excessive for an inactive session. If someone hasn't used their session for a week (or two, max) we should make them log in again. Heck, I use two different web mail providers that make me log in once a week even when I'm using their site daily.
Component: Administration → General
Attached patch 1199941_1.patchSplinter Review
this sounds reasonable. the only place where i think this may cause issues is api clients logging in to get a token and assuming that it will be valid for 30 days. they could either detect the expired token, or switch to api-keys.
Assignee: nobody → glob
Status: NEW → ASSIGNED
Attachment #8654734 - Flags: review?(dkl)
Comment on attachment 8654734 [details] [diff] [review] 1199941_1.patch Review of attachment 8654734 [details] [diff] [review]: ----------------------------------------------------------------- r=dkl
Attachment #8654734 - Flags: review?(dkl) → review+
To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git 8a5c7c7..91eac6e master -> master
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: