Allow to change session expiration without re-saving session data.
|Reported by:||Piotr Czachur||Owned by:||nobody|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||yes||Patch needs improvement:||no|
When authenticated user is accessing pages which don't modify the session, the session expiration time (stored both in COOKIE and in backend) isn't updated, so after settings.SESSION_COOKIE_AGE second he will be logged out despite he's been active for all the time. It's not fair :-). I'm aware that I can force to always update expiration time via settings.SESSION_SAVE_EVERY_REQUEST, it's just inefficient to save session data knowing it wasn't modified at all.
My proposition it to allow to change and save session expiration time without touching session data.
Change History (8)
comment:3 Changed 5 years ago by
|Version:||1.3-alpha → SVN|