Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Accounts package loginExpirationInDays option not working #5121

Closed
bradvogel opened this issue Sep 8, 2015 · 20 comments
Closed

Accounts package loginExpirationInDays option not working #5121

bradvogel opened this issue Sep 8, 2015 · 20 comments

Comments

@bradvogel
Copy link
Contributor

@bradvogel bradvogel commented Sep 8, 2015

_5 Upvotes_ According to the docs at http://docs.meteor.com/#/full/accounts_config, the code:

Accounts.config({
    loginExpirationInDays: null
});

should disable login token expiration. However, I'm not sure this is working locally for me. After looking into the code briefly, it looks like line https://github.com/meteor/meteor/blob/master/packages/accounts-base/accounts_common.js#L170 should include check for null explicitly like what is done on the server-side here: https://github.com/meteor/meteor/blob/master/packages/accounts-base/accounts_server.js#L879

Is that a bug?

@bradvogel bradvogel changed the title Setting Setting Accounts.config({loginExpirationInDays: null}) not working? Sep 8, 2015
@bradvogel
Copy link
Contributor Author

@bradvogel bradvogel commented Sep 8, 2015

Additionally, it looks like the function https://github.com/meteor/meteor/blob/master/packages/accounts-base/accounts_common.js#L170 is called synchronously when the app boots up, unsetting the login token (using the default loginExpirationInDays value of 90 days), before my Accounts.config() call has even been run. Shouldn't this be on a defer to wait for Accounts.config() to be called?

@bradvogel bradvogel changed the title Setting Accounts.config({loginExpirationInDays: null}) not working? Accounts package loginExpirationInDays option not working Sep 8, 2015
@benjamn benjamn added the confirmed label Sep 15, 2015
@benjamn
Copy link
Member

@benjamn benjamn commented Sep 15, 2015

This looks like a real bug that would be worth fixing. Thanks for the report!

@bradvogel
Copy link
Contributor Author

@bradvogel bradvogel commented Oct 14, 2015

Ping @benjamn @stubailo . Would be great to fix this :)

@psyfreak
Copy link

@psyfreak psyfreak commented Oct 16, 2015

+1

1 similar comment
@svda
Copy link
Contributor

@svda svda commented Dec 3, 2015

+1

@CTimmerman
Copy link

@CTimmerman CTimmerman commented Dec 3, 2015

I managed to set the meteor_login_token cookie to end with the browser session, but next start it gets set again from localStorage. If i delete localStorage["Meteor.loginToken"] then the cookie disappears as well and the login is gone.

@khell
Copy link

@khell khell commented Feb 12, 2016

It would be really appreciated if this could be fixed!

@bradvogel
Copy link
Contributor Author

@bradvogel bradvogel commented Mar 3, 2016

+1 This is a big issue for us (Mixmax)

@lorensr
Copy link
Member

@lorensr lorensr commented Mar 3, 2016

Haha you're keeping an upvote tally @ top? Count me in 😊

@redreamality
Copy link

@redreamality redreamality commented Mar 10, 2016

any updates?

@redreamality
Copy link

@redreamality redreamality commented Mar 10, 2016

@bradvogel
Copy link
Contributor Author

@bradvogel bradvogel commented Apr 14, 2016

Bump on this. This is really bad.

@Sivli-Embir
Copy link

@Sivli-Embir Sivli-Embir commented May 24, 2016

+1

1 similar comment
@leizard
Copy link

@leizard leizard commented Jun 8, 2016

+1

@Sivli-Embir
Copy link

@Sivli-Embir Sivli-Embir commented Jul 13, 2016

+1 (sorry forgot I had already bumped)

@mattiLeBlanc
Copy link

@mattiLeBlanc mattiLeBlanc commented Sep 15, 2016

I know it is a slight variation, but it would be nice to configure the expiry in minutes too!
I want the session to expire (financial product) more aggressively and it is very hard to do this right now.

@ntoepker
Copy link

@ntoepker ntoepker commented Nov 30, 2016

temporary bugfix: set services.resume.loginTokens.when in the user object to a future date to achieve that the login doesn't expire

@glasser
Copy link
Member

@glasser glasser commented May 17, 2017

I agree that there is a bug here. One workaround would be to set loginExpirationInDays to a very large number like 365*30 (30 years) rather than null.

@SimonSimCity
Copy link
Contributor

@SimonSimCity SimonSimCity commented Jun 19, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.