by 8organicbits 965 days ago
Surprisingly, there are several cookie-based approaches that forget to handle any sort of server-side expiration. Here's one:

https://github.com/googleapis/nodejs-firestore-session/issue...

I agree that WebSession would benefit from a time since last touched expiration, although I'll point out that a time-based approach doesn't handle the "when device is locked" requirement.


I've noticed Reddit doesn't invalidate your cookies even if you click the logout button. There is a button in the site settings under your list of sessions, but I haven't tested that.

I noticed it because I delete site cookies often, and paste them in from a file whenever I want to comment. Occasionally click "logout" without thinking. Got creeped out by that year-in-review thing they do once.
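
An added example, not part of the thread or of any project mentioned in it: a minimal server-side session store in which the cookie carries only an opaque id, expiration is enforced on the server by time since last touched plus an absolute cap, and logout deletes the record so a saved copy of the cookie stops working. The class and function names, the in-memory `Map`, and both timeout values are assumptions for illustration; it does not address the "when device is locked" requirement.

```javascript
const { randomBytes } = require('node:crypto');

// Assumed policy values, not taken from the thread.
const IDLE_TIMEOUT_MS = 30 * 60 * 1000;          // time since last touched
const ABSOLUTE_TIMEOUT_MS = 12 * 60 * 60 * 1000; // hard cap counted from login

class SessionStore {
  constructor(now = () => Date.now()) {
    this.now = now;            // injectable clock so expiry can be exercised
    this.sessions = new Map(); // session id -> { user, createdAt, lastTouched }
  }

  // Login: the cookie value is an opaque random id; all state stays server-side.
  create(user) {
    const id = randomBytes(32).toString('hex');
    const t = this.now();
    this.sessions.set(id, { user, createdAt: t, lastTouched: t });
    return id;
  }

  // Called on every request with the cookie value. Returns the user or null.
  validate(id) {
    const s = this.sessions.get(id);
    if (!s) return null; // unknown id, logged out, or already expired
    const t = this.now();
    if (t - s.lastTouched > IDLE_TIMEOUT_MS || t - s.createdAt > ABSOLUTE_TIMEOUT_MS) {
      this.sessions.delete(id); // expire here, whatever the cookie's own Expires says
      return null;
    }
    s.lastTouched = t; // sliding idle window
    return s.user;
  }

  // Logout: remove the server-side record, not just the browser's cookie.
  destroy(id) {
    return this.sessions.delete(id);
  }
}

// Constructed scenario: a cookie value saved to a file and presented again later.
function replayDemo() {
  let clock = 0;
  const store = new SessionStore(() => clock);
  const saved = store.create('alice');
  const fresh = store.validate(saved);        // valid right after login
  store.destroy(saved);                       // user clicks "logout"
  const afterLogout = store.validate(saved);  // replayed cookie is rejected
  const second = store.create('alice');
  clock += IDLE_TIMEOUT_MS + 1;               // no requests for just over the idle limit
  const afterIdle = store.validate(second);   // rejected by the idle timeout
  return { fresh, afterLogout, afterIdle };
}
```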