I noticed a few issues with the admin login session:
session_timeout
can be changed in the config, the cookie lifetime is limited to a single browser session, so whenever a browser is restarted, you have to log in again. This is particularly inconvenient on mobile, where the OS tends to unload the browser pretty aggressively.session_timeout
since the login, even if you've been using the app all along. I think it would be better to refresh the cookie regularly to prevent that.I'd be happy to propose a patch for both issues.
How can I change
session_timeout
in the config? Didn’t find this info in documentation.
I believe
session_timeout = 123
would work, where123
is the duration in seconds. However, as I described above, that won't buy you much because of the limited cookie lifetime.