imo session expires too quickly #209

Open
careljonkhout opened this Issue Mar 8, 2012 · 2 comments

Comments

Projects
None yet
3 participants

Session on 4clojure only last half a day or so. Could it be longer? I know it is a tradeoff againt security, but wikipedia and gmail have session that last for weeks...

Owner

amalloy commented Aug 30, 2012

4clojure doesn't actively expire the session; it's set to be a browser session or something. So it's open until you close all browser windows (eg, my session has been up for months). If someone knows what magic we have to put into a cookie to make it last across browser sessions, I'm happy to add it.

Skyrail commented Aug 31, 2012

I've done a bit of looking around at the various libraries you use and it seems you can pass options through to Ring's wrap-session function from the wrap-noir-session function (see lib-noir docs) One of these options that you can send through is the :cookie-attrs option (see ring docs). I'm not entirely sure what the exact option is but you may be able to set an expiry time. I'll have a play around once I finish work to see if I can come up with anything more concrete.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment