[kforge-dev] login cookie expiration

Rufus Pollock rufus.pollock at okfn.org
Mon Jun 26 11:00:31 UTC 2006

John Bywater wrote:
> Dear Rufus,
> I think the cookie expires with the client session, so as long as you 
> keep your browser open.
> It seems fairly standard to provide a "remember me" check box on the 
> login page, which makes the cookie persist between browser invocations.

That's certainly one option. Here are a couple of others:

a) just default it to some length and if people want to get rid of their 
session they  can logout

b) have 'remember me' as an option on the user page and default it to 
some agreed value (just as we default at present).

My initial preference would be for (a) just because this is the simplest 
(it does not involve any UI changes).

> Shall we create a ticket on the kforge project?

Yes let's create a ticket and we can put the discussion in there.



> Rufus Pollock wrote:
>> Dear John,
>> I wanted to ask how long the cookies that store login info are set to 
>> last for. At present one seems to be logged out quite quickly (either 
>> after a day or once one closes one's browser?) and it might be better 
>> to have cookies only expiring when you logout (or being valid for a v. 
>> long time).
>> Regards,
>> Rufus
>> _______________________________________________
>> kforge-dev mailing list
>> kforge-dev at lists.okfn.org
>> http://lists.okfn.org/mailman/listinfo/kforge-dev

More information about the kforge-dev mailing list