Keep getting signed out #12

Open
amingilani opened this issue Oct 18, 2014 · 7 comments
Comments

@amingilani

Refreshing the page or clicking the logo signs a user out, even if you've just signed in.

@amingilani
Author

Don't mind me, I'll be a pest about all the issues I see. I love the fact that this is open source software, which is why I can keep giving my input.

@pinhopro
Member

This is a security measure. It is a single page application using a WebSocket connection.

So, whenever you close your browser or refresh the page, your connection will be closed and you will be forced to log in again.

Also, there is no need to refresh, because the app is realtime. There are some grids that require the user to refresh, but there is always a refresh button inside the grid, so you don't have to click on it.

Creating sessions is dangerous, since most of the users do not log out when they leave a website. This opens the door to hackers.

@amingilani
Author

Wouldn't it be more practical to close a session after a 15 minute window, instead of instantaneously when the logo is clicked? It's a good tradeoff between security and usability.

I understand the refresh case will be a tad bit more difficult to deal with.

@pinhopro
Member

15 minutes is enough for a hacker to clean your account :)

Clicking on the logo should take you to the initial page. I will fix that.

@amingilani
Author

Thank you for that. However, I'd still encourage keeping this issue open. CEX.io has a timeout of 15 minutes, Coinbase goes even longer. Let this issue gain a few more votes please.

@felipecsl

+1 for keeping a session open and maybe allow users to request a 2FA token upon every action, which could be a nice security countermeasure.
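
The trade-off discussed in this thread, as an added example that is not part of any comment and is not the project's code: a server-side session with the 15-minute sliding idle timeout, plus a per-action TOTP check for sensitive operations. `SessionStore`, `authorize_sensitive` and the injectable clock are hypothetical names, and TOTP (RFC 6238) is assumed as the 2FA mechanism.

```python
import hashlib
import hmac
import secrets
import struct
import time
IDLE_TIMEOUT = 15 * 60  # seconds; the idle window proposed in the thread
TOTP_STEP = 30          # seconds per TOTP code (RFC 6238 default)

def totp(secret: bytes, now: float, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1."""
    mac = hmac.new(secret, struct.pack(">Q", int(now // TOTP_STEP)), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class SessionStore:
    """Hypothetical server-side session table (assumption, not the project's code)."""
    def __init__(self, clock=time.time):
        self._clock = clock
        self._sessions = {}     # token -> [user, last_seen]
        self._used = set()      # (user, time step) pairs already spent

    def login(self, user: str) -> str:
        token = secrets.token_urlsafe(32)
        self._sessions[token] = [user, self._clock()]
        return token

    def user_for(self, token: str):
        """Return the user for a live session and slide its idle window."""
        entry = self._sessions.get(token)
        if entry is None:
            return None
        now = self._clock()
        if now - entry[1] > IDLE_TIMEOUT:
            del self._sessions[token]   # expired: force a fresh login
            return None
        entry[1] = now
        return entry[0]

    def authorize_sensitive(self, token: str, code: str, secret: bytes) -> bool:
        """Sensitive actions need a live session AND an unused, current TOTP code."""
        user = self.user_for(token)
        now = self._clock()
        step = int(now // TOTP_STEP)
        if user is None or (user, step) in self._used:
            return False
        if not hmac.compare_digest(code.encode(), totp(secret, now).encode()):
            return False
        self._used.add((user, step))    # a code is accepted once per time step
        return True
```

With this split, a stolen idle session can still read data for up to 15 minutes, but it cannot perform a sensitive action without a fresh second-factor code.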

@pinhopro
Member

pinhopro commented Apr 9, 2015

Hi @felipecsl and @amingilani

Are you still having connection issues?

Thanks,
Rodrigo
