-
Graham Cole authored
stop using temporary cookies for logged in users and set a timeout instead. Sessions should now timeout after 48 hours of inactivity, or 8 days since authenticating, whichever comes first. Also fix a bug where we tried to delete users sessions before actually figuring out who they were which stopped logout functioning correctly
Graham Cole authoredstop using temporary cookies for logged in users and set a timeout instead. Sessions should now timeout after 48 hours of inactivity, or 8 days since authenticating, whichever comes first. Also fix a bug where we tried to delete users sessions before actually figuring out who they were which stopped logout functioning correctly
