[staging] Rebooted PC but account remained logged in
Closed this issue · 5 comments
sherlockwisdom commented
[staging] Rebooted PC but account remained logged in
nSedrickm commented
@sherlock this is expected if you didn't logout and your session is still valid (2h)
sherlockwisdom commented
Let's reduce that to 30 minutes
nSedrickm commented
Its a config you can change on the BE
sherlockwisdom commented
There is a security vulnerability here, how is the FE handling it away from the BE?
nSedrickm commented
If the user makes any request after their session expires a 401 is thrown and they are logged immediately