question: Keeping users logged in longer?

[poperigby]

I'm a bit confused on how to keep users logged in for longer. I set my cookie lifetime to 1440, and it definitely wasn't lasting that long. I would just get booted from my services and have to login again every once in a while.

[greenpau]

@poperigby , please create a gist of your Caddyfile and share it here.

The “cookie lifetime” is the max lifetime of a cookie in a browser cache. It should be send to something like 8 hours.

The “crypto key lifetime” is the lifetime of the JWT token inside the cookie. That is set to 15 minutes by default.

You probably want to keep the “crypto key lifetime” as is, but set cookie lifetime to days. When the token expires, the cookie carrying it is still “alive” and serves as a clue for a redirection.

[poperigby]

please create a gist of your Caddyfile and share it here

Here

You probably want to keep the “crypto key lifetime” as is, but set cookie lifetime to days. When the token expires, the cookie carrying it is still “alive” and serves as a clue for a redirection.

The thing is, even when I set it to 24 hours, it definitely wasn't lasting that long.

[greenpau]

@poperigby , set the following. That would keep session up for an hour, while keeping your cookie alive for 2 hours.

authentication portal myportal {
  crypto default token lifetime 3600
  cookie lifetime 7200

Want to keep it alive for a day?

authentication portal myportal {
  crypto default token lifetime 86400
  cookie lifetime 172800

[poperigby]

Thanks.