tramck
August 29, 2023, 10:14pm
1
I was scraping through edx-platform code trying to understand why my application’s sessions were getting stored in redis with a higher expiration than expected and I found this line which hard-codes session expiration. https://github.com/openedx/edx-platform/blob/master/openedx/core/djangoapps/user_authn/views/login.py/#L315
What is the reason for doing this rather than allowing django.contrib.session.backends.cache to use the SESSION_COOKIE_AGE setting?
1 Like
braden
August 29, 2023, 10:32pm
2
Oh, that explains it! I tried so many settings on our internal LMS to keep sessions logged in forever, and yet eventually they would always expire.
3 Likes
feanil
August 30, 2023, 1:14pm
3
Yep seems like a bug that was introduced when we wanted to start ignoring the “keep me logged in” checkbox.
committed 12:36PM - 14 Nov 18 UTC
Update session cookie expiry to 4 weeks regardless of remember me
checkbox is ch… ecked or not.
LEARNER-6219
2 Likes
I agree it should use the configuration.