Merge pull request #383 from ThomasWaldmann/default-session-expiry

shorter default session expiry, fixes #381
2018-10-19 20:06:22 +02:00 · 2018-10-19 20:06:22 +02:00 · 6bd52d7f00
commit 6bd52d7f00
parent 7ba8b6f2fa d494b41a9e
1 changed files with 1 additions and 1 deletions
--- a/nsupdate/settings/base.py
+++ b/nsupdate/settings/base.py
@ -278,7 +278,7 @@ CSRF_COOKIE_HTTPONLY = False
 SESSION_COOKIE_NAME = 'sessionid'
 SESSION_COOKIE_PATH = '/'
 SESSION_COOKIE_HTTPONLY = True
-SESSION_COOKIE_AGE = 14 * 24 * 60 * 60  # 14 days, in seconds (remember_me is True)
+SESSION_COOKIE_AGE = 10 * 60 * 60  # 10 hours, in seconds (remember_me is True), see #381
 SESSION_EXPIRE_AT_BROWSER_CLOSE = True  # more safe (remember_me is False)

 # Allow SHA1 for host update secrets