Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't log users out so frequently #8961

Merged
merged 1 commit into from
Sep 19, 2024
Merged

Don't log users out so frequently #8961

merged 1 commit into from
Sep 19, 2024

Conversation

seanh
Copy link
Contributor

@seanh seanh commented Sep 19, 2024
edited
Loading

Fixes #8949. We agreed on logging inactive users out after three months and active users after one year, Slack thread:

https://hypothes-is.slack.com/archives/C4K6M7P5E/p1726753077108739?thread_ts=1726473609.158389&cid=C4K6M7P5E

robertknight
robertknight reviewed Sep 19, 2024
View reviewed changes
Copy link
Member

@robertknight robertknight left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had a query about the changes in session.py.

h/session.py Outdated
@@ -126,7 +127,7 @@ def includeme(config): # pragma: no cover
#
# To avoid this we make sure that the lifetime of CSRF tokens is always
# longer than the lifetimes of auth cookies.
timeout=HTML_AUTHCOOKIE_MAX_AGE + 3600,
timeout=int(timedelta(hours=1).total_seconds()),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be HTML_AUTHCOOKIE_MAX_AGE + ...?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, pylint caught that as well. The fact that session_test.py didn't catch this suggests that the unit tests aren't as good as they could be

@seanh
Don't log users out so frequently
a01d64c 
Fixes #8949. We agreed on logging
inactive users out after three months and active users after one year,
Slack thread:

https://hypothes-is.slack.com/archives/C4K6M7P5E/p1726753077108739?thread_ts=1726473609.158389&cid=C4K6M7P5E
@seanh seanh force-pushed the dont-log-users-out-so-frequently branch from ded0890 to a01d64c Compare September 19, 2024 14:01
@seanh seanh merged commit bdbe3ae into main Sep 19, 2024
9 checks passed
@seanh seanh deleted the dont-log-users-out-so-frequently branch September 19, 2024 14:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robertknight robertknight robertknight approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

h logs users out too frequently
2 participants
@seanh @robertknight