New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Accounts package loginExpirationInDays option not working #5121

Closed
bradvogel opened this Issue Sep 8, 2015 · 20 comments

Comments

Projects
None yet
@bradvogel
Contributor

bradvogel commented Sep 8, 2015

_5 Upvotes_ According to the docs at http://docs.meteor.com/#/full/accounts_config, the code:

Accounts.config({
    loginExpirationInDays: null
});

should disable login token expiration. However, I'm not sure this is working locally for me. After looking into the code briefly, it looks like line https://github.com/meteor/meteor/blob/master/packages/accounts-base/accounts_common.js#L170 should include check for null explicitly like what is done on the server-side here: https://github.com/meteor/meteor/blob/master/packages/accounts-base/accounts_server.js#L879

Is that a bug?

@bradvogel bradvogel changed the title from Setting to Setting Accounts.config({loginExpirationInDays: null}) not working? Sep 8, 2015

@bradvogel

This comment has been minimized.

Contributor

bradvogel commented Sep 8, 2015

Additionally, it looks like the function https://github.com/meteor/meteor/blob/master/packages/accounts-base/accounts_common.js#L170 is called synchronously when the app boots up, unsetting the login token (using the default loginExpirationInDays value of 90 days), before my Accounts.config() call has even been run. Shouldn't this be on a defer to wait for Accounts.config() to be called?

@bradvogel bradvogel changed the title from Setting Accounts.config({loginExpirationInDays: null}) not working? to Accounts package loginExpirationInDays option not working Sep 8, 2015

@benjamn benjamn added the confirmed label Sep 15, 2015

@benjamn

This comment has been minimized.

Member

benjamn commented Sep 15, 2015

This looks like a real bug that would be worth fixing. Thanks for the report!

@bradvogel

This comment has been minimized.

Contributor

bradvogel commented Oct 14, 2015

Ping @benjamn @stubailo . Would be great to fix this :)

@psyfreak

This comment has been minimized.

psyfreak commented Oct 16, 2015

+1

1 similar comment
@svda

This comment has been minimized.

Contributor

svda commented Dec 3, 2015

+1

@CTimmerman

This comment has been minimized.

CTimmerman commented Dec 3, 2015

I managed to set the meteor_login_token cookie to end with the browser session, but next start it gets set again from localStorage. If i delete localStorage["Meteor.loginToken"] then the cookie disappears as well and the login is gone.

@khell

This comment has been minimized.

khell commented Feb 12, 2016

It would be really appreciated if this could be fixed!

@bradvogel

This comment has been minimized.

Contributor

bradvogel commented Mar 3, 2016

+1 This is a big issue for us (Mixmax)

@lorensr

This comment has been minimized.

Collaborator

lorensr commented Mar 3, 2016

Haha you're keeping an upvote tally @ top? Count me in 😊

@redreamality

This comment has been minimized.

redreamality commented Mar 10, 2016

any updates?

@redreamality

This comment has been minimized.

redreamality commented Mar 10, 2016

@bradvogel

This comment has been minimized.

Contributor

bradvogel commented Apr 14, 2016

Bump on this. This is really bad.

@Sivli-Embir

This comment has been minimized.

Sivli-Embir commented May 24, 2016

+1

1 similar comment
@leizard

This comment has been minimized.

leizard commented Jun 8, 2016

+1

@Sivli-Embir

This comment has been minimized.

Sivli-Embir commented Jul 13, 2016

+1 (sorry forgot I had already bumped)

@mattiLeBlanc

This comment has been minimized.

mattiLeBlanc commented Sep 15, 2016

I know it is a slight variation, but it would be nice to configure the expiry in minutes too!
I want the session to expire (financial product) more aggressively and it is very hard to do this right now.

@ntoepker

This comment has been minimized.

ntoepker commented Nov 30, 2016

temporary bugfix: set services.resume.loginTokens.when in the user object to a future date to achieve that the login doesn't expire

@glasser

This comment has been minimized.

Member

glasser commented May 17, 2017

I agree that there is a bug here. One workaround would be to set loginExpirationInDays to a very large number like 365*30 (30 years) rather than null.

@SimonSimCity

This comment has been minimized.

Contributor

SimonSimCity commented Jun 19, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment