Hi, I've got one member of our forum who never logs out manually and just keeps being inactive when not browsing it. But every once in a while (several weeks+, it happened about 3-4 times now), he reports that he got logged out, even though the expiration time for sessions is set to "never".
I happen to notice that this some times somehow coincided with my editing/replacing of files while working on my theme - or at least the time frame fits.
So my question, could it somehow affect somebody's login status if I replace files like indexTemplate.php or index.css and the like?
Quote from: Julius_2000 on March 20, 2023, 08:00:10 AMSo my question, could it somehow affect somebody's login status if I replace files like indexTemplate.php or index.css and the like?
That shouldn't affect it.
Does the user have 2FA active?
Some browsers will occasionally log out, possibly for security reasons. Android FF does on my tab.
And of course some browsers can drop long-life cookies out of privacy tracking related behaviours. The "forever" login is a long time.
But in general the only times that (normally) you'd get logged out with file changes are 1) you change the cookie name in Settings.php, or 2) you do the upgrade from 2.0 to 2.1 where the cookie content structurally changed (though 2.1 does try to preserve your cookie)
Thanks for your replies!
Quote from: Kindred on March 20, 2023, 09:48:31 AMDoes the user have 2FA active?
Yes, he says that he does. Does that have an impact on anything?
Quote from: Sir Osis of Liver on March 20, 2023, 12:47:43 PMSome browsers will occasionally log out, possibly for security reasons. Android FF does on my tab.
Quote from: Arantor on March 20, 2023, 01:06:21 PMAnd of course some browsers can drop long-life cookies out of privacy tracking related behaviours. The "forever" login is a long time.
Interesting. He reports that he only gets this with our forum while he can stay forever on other sites he's not logged out of manually without any issues.
2FA will not allow a "forever" login. I believe that it will require a re-login every month or two.
Quote from: Kindred on March 21, 2023, 07:49:30 AM2FA will not allow a "forever" login. I believe that it will require a re-login every month or two.
Is this SMF specific or in general? Because he says he doesn't encounter this anywhere else. But I'll tell him it could be a reason.
I think it is a bug/feature specific to SMF...
We noticed it here a few months ago
Ah, thank you. At least I can comfort him that it's not on his end and only happening at the forum. No biggie. Thanks!