Wekan / General
login, tokens and expiration
login, tokens and expiration
Wekan/General · April 14, 2020 at 5:01pmlogin, tokens and expiration
Wekan / General · April 14, 2020 at 5:01pmOnce you have registered and then logged in with Password you get a token with a token expiration date.
If you do not logout ,that token and its expiration determines how long you can go to the site before you have to re-authenticate, correct?
If you logout, is that token still good for the duration of the original expiration date or are you re-issued a new token with a further in future expiration date?
Where can I change that expiration to a longer or short time? (in the api) or (in the GUI) or (in mongo collection)
Can I remove the expiration time so it never times out? (in the api) or (in the GUI) or (in mongo collection)
Can I force the token to expire prematurely with no user activity for a while (like 4 hours)? (in the api) or (in the GUI) or (in mongo collection)
I have an application where for some features for some users are already logged into another application and for many accounts they all see wekan as a web page embed, so getting another challenge/response to auth into wekan is a limitation. Call it a trust relationship between the two apps. The mother app has a very high authentication hurtle (three keys and two factor). Trting to automate or at least streamline the auth back into wekan.
Thanks as always