flask-login: Chrome ignoring cookie expiration?

后端未结

关注

 1  1365

逝去的感伤 2021-01-31 06:25

I\'ve got the authentication working with flask-login, but it seems like no matter what I use for the cookie duration in flask, the session is still authenticated. Am I setting

1条回答

没有蜡笔的小新 (楼主)

2021-01-31 07:16
REMEMBER_COOKIE_DURATION is used for "Remember me" functionality, that is, how long to remember logged in user even if he closed the browser. The separate cookie is used for that, the name of which can be set by REMEMBER_COOKIE_NAME (remember_token by default). To force login session to expire after some time (even if the browser is still kept running), set PERMANENT_SESSION_LIFETIME somewhere where you keep your app settings:
```
PERMANENT_SESSION_LIFETIME = datetime.timedelta(minutes=30)
```
And in your login view set session.permanent = True:
```
from flask import session

@app.route('/login')
def login():
    # ...
    if login_user(user):
        session.permanent = True
        return redirect(request.args.get('next') or url_for('index'))
    # ...
```
0 讨论(0)
发布评论:

提交评论
- 加载中...