Overriding session timeout

I’m trying to override the session timeout for students. It’s currently set to 4 weeks. I noticed that the session expiry is hard coded in the _handle_successful_authentication_and_login function:

Is there a reason for it to be hard coded? Is there an easy way of overriding it?


@twlichty, you are welcome to create an upstream PR against the edx-platform repository that makes this configurable via /edx/etc/lms.yml (which has replaced the /edx/app/edxapp/lms.env.json after the Ironwood release) through a Django settings variable.

The most recent update which set this hard-coded value was this PR. But I cannot find any reason as to why this was not made configurable.