We have the "Session Timeout" field in AdminCP -- Settings -- Options -- Cookies and HTTP Header Options set to "7200", which is 2 hours. We have assumed this applies to people who have NOT checked the 'Remember Me' box when logging in.
However, our users are reporting that despite checking "remember me", they often have to log back in multiple times in a day.
I experience this myself with Chrome on Linux, Chrome on Windows, and Chrome on an Android phone. Whether logging in as the primary administrator or as myself, even after checking "Remember Me", the site forgets that I am logged in (or for some reason my browser deletes my login cookie, assuming that is how it works).
Is the "Session Timeout" field for users who have not checked "Remember Me"?
Assuming so, how is Remember Me implemented -- what should we be seeing in terms of browser cookies, and what can we look for to figure out why the site (or browsers) isn't maintaining whatever information needs to be maintained to make sure that users stay logged in with "Remember Me"?
How long is "Remember Me" supposed to last?
However, our users are reporting that despite checking "remember me", they often have to log back in multiple times in a day.
I experience this myself with Chrome on Linux, Chrome on Windows, and Chrome on an Android phone. Whether logging in as the primary administrator or as myself, even after checking "Remember Me", the site forgets that I am logged in (or for some reason my browser deletes my login cookie, assuming that is how it works).
Is the "Session Timeout" field for users who have not checked "Remember Me"?
Assuming so, how is Remember Me implemented -- what should we be seeing in terms of browser cookies, and what can we look for to figure out why the site (or browsers) isn't maintaining whatever information needs to be maintained to make sure that users stay logged in with "Remember Me"?
How long is "Remember Me" supposed to last?
Comment