New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"Remember me" option #174

Open
Abyss777 opened this Issue May 28, 2015 · 3 comments

Comments

Projects
None yet
3 participants
@Abyss777

Abyss777 commented May 28, 2015

It's given:
I have to enter username and password in desktop browser only once until server reboot.
I have to reenter username and password almost all times after i've reconnected from 3g to wifi and back (and even while moving along the city) in mobile phone.

I suppose web session connected to client IP.
Is it possible to disconnect web session from client IP or add tick to logon screen like "Remember Me" ?

@vitalidze

This comment has been minimized.

Show comment
Hide comment
@vitalidze

vitalidze May 29, 2015

Owner

Actually it does exact same thing for authentication as the desktop version. It stores a special Cookie with session identification, which has Sesssion expiration, which means that it expires once you close the web browser. But yes, I think this can be updated by using a cookie with hard coded expiration date. Moreover, some time ago I thought about storing session information directly in Cookie so it will survive even server restarts.

Owner

vitalidze commented May 29, 2015

Actually it does exact same thing for authentication as the desktop version. It stores a special Cookie with session identification, which has Sesssion expiration, which means that it expires once you close the web browser. But yes, I think this can be updated by using a cookie with hard coded expiration date. Moreover, some time ago I thought about storing session information directly in Cookie so it will survive even server restarts.

@Abyss777

This comment has been minimized.

Show comment
Hide comment
@Abyss777

Abyss777 May 29, 2015

Hm. It's a feature of desktop Chrome. It doesn't clear "session" cookies on exit if it's configured as "Continue where you left off."
But mobile Chrome sometimes looses session even if it is not closed. (i.e. I'm driving a car and watching device moving in mobile phone through 3G. At some point, device stops moving on map, I'm refreshing the page and have to enter credentials again.)
May be mobile Chrome clear "session" cookies on loosing internet connection...(it's hard to debug)

Anyway, It would be nice to have two features:

  • Tick "Remember me" on logon screen
  • Button in Users dialog "Forget user sessions" if user selected in list and "Forget all users sessions" if no one user selected. Or your version how to implement this. This feature is for security reasons.

Abyss777 commented May 29, 2015

Hm. It's a feature of desktop Chrome. It doesn't clear "session" cookies on exit if it's configured as "Continue where you left off."
But mobile Chrome sometimes looses session even if it is not closed. (i.e. I'm driving a car and watching device moving in mobile phone through 3G. At some point, device stops moving on map, I'm refreshing the page and have to enter credentials again.)
May be mobile Chrome clear "session" cookies on loosing internet connection...(it's hard to debug)

Anyway, It would be nice to have two features:

  • Tick "Remember me" on logon screen
  • Button in Users dialog "Forget user sessions" if user selected in list and "Forget all users sessions" if no one user selected. Or your version how to implement this. This feature is for security reasons.

@Abyss777 Abyss777 changed the title from Web session stability (for mobile) to "Remember me" option May 29, 2015

@superservidor

This comment has been minimized.

Show comment
Hide comment

superservidor commented Jan 11, 2016

+1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment