Skip to content

v2.10.6

Latest

Choose a tag to compare

@yohamta0 yohamta0 released this 11 Jul 09:41
ab06527

v2.10.6 (2026-07-11)

Built-in authentication now works correctly with long-lived tokens. Previously, token TTLs of around 25 days or longer could exceed the browser timer limit, causing the frontend to clear an otherwise valid session immediately after login. Subsequent API requests would then fail with 401 Unauthorized.

Token expiration is now scheduled in browser-safe intervals while using the token's actual expiry time as the source of truth. Configurations such as 2160h (90 days) now work as expected.

Important

Built-in authentication token TTLs are now limited to 8760h (365 days). Larger values are rejected during startup validation and must be reduced before upgrading.

Fixed

Contribution Contributor
bug: builtin auth TTL bug tsfxpro @ Discord (report)