Skip to content
Snippets Groups Projects
Commit 1aa3c95c authored by Art's avatar Art :lizard:
Browse files

Improve the SESSION_COOKIE_AGE check

parent 473b48a1
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 5 additions and 0 deletions
ssoauth/checks.py
+ 5
0
View file @ 1aa3c95c
...@@ -140,6 +140,11 @@ def session_lifetime(app_configs, **kwargs): ...@@ -140,6 +140,11 @@ def session_lifetime(app_configs, **kwargs):
"Please reduce SESSION_COOKIE_AGE to at most {max_wanted} or set SESSION_EXPIRE_AT_BROWSER_CLOSE = True".format(**locals()), "Please reduce SESSION_COOKIE_AGE to at most {max_wanted} or set SESSION_EXPIRE_AT_BROWSER_CLOSE = True".format(**locals()),
obj=conf.settings, obj=conf.settings,
)) ))
if conf.settings.SESSION_COOKIE_AGE > 60 * 60 * 24: # >24h is too much even with SESSION_EXPIRE_AT_BROWSER_CLOSE
errors.append(Error(
"SESSION_COOKIE_AGE is too high. This means users can stay logged in longer than their accounts are active.",
obj=conf.settings,
))
return errors return errors
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment