Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sessionInvalidate() and sessionTimeout TTL on sessionStorage? #5

Open
MordantWastrel opened this issue Dec 27, 2018 · 2 comments
Open

Comments

@MordantWastrel
Copy link

In testing this connector with session storage, I see that it respects the TTL of the cache definition but not sessionTimeout. Consequently, every docker healthcheck and bot is generating a session in redis that lasts as long as the cache TTL and those values are not destroyed by sessionInvalidate().

Is this intended behavior? Whether or not the keys expire according to the cache definition or the sessionTimeout timespan, it does seem that invalidating the session should remove the key from redis.

@MordantWastrel
Copy link
Author

A side effect of this problem is that, if you use this extension to store sessions, the sessions will be invalidated according to the TTL and not session activity -- so if your TTL is 2 hours, no session will ever last longer than 2 hours, even if there is activity at the 1 hour and 59 minute mark.

@itimgit
Copy link

itimgit commented Oct 14, 2019

Pretty sure not everybody is being logged out every two hours (our session timeout) ... We are experiencing issues with sessions randomly expiring, with TTL -1 etc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants