-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sessionInvalidate() and sessionTimeout TTL on sessionStorage? #5
Comments
A side effect of this problem is that, if you use this extension to store sessions, the sessions will be invalidated according to the TTL and not session activity -- so if your TTL is 2 hours, no session will ever last longer than 2 hours, even if there is activity at the 1 hour and 59 minute mark. |
Pretty sure not everybody is being logged out every two hours (our session timeout) ... We are experiencing issues with sessions randomly expiring, with TTL -1 etc. |
In testing this connector with session storage, I see that it respects the TTL of the cache definition but not sessionTimeout. Consequently, every docker healthcheck and bot is generating a session in redis that lasts as long as the cache TTL and those values are not destroyed by sessionInvalidate().
Is this intended behavior? Whether or not the keys expire according to the cache definition or the sessionTimeout timespan, it does seem that invalidating the session should remove the key from redis.
The text was updated successfully, but these errors were encountered: