Session never expires

Hello

I have AuthFeature with SessionExpiry on server set to 5 seconds.
If I authenticate while I’m already authenticated, then the session will never expire.
Code sample:

Plugins.Add(
                new AuthFeature(
                    () => new AuthUserSession(),
                    new IAuthProvider[] { new CredentialsAuthProvider() { SessionExpiry = TimeSpan.FromSeconds(5) } }
                    )
            );

Is this bug or I am missing some setting?

Kind regards.

It looks like a bug. I am able to reproduce the issue, session is not saved with SessionExpiry on second authentication request. We will look into it.

You can also override OnSaveSession() on your AppHost to force the same expiry on all Sessions, e.g:

public override void OnSaveSession(IRequest req, IAuthSession session, TimeSpan? expiresIn=null)
{
    return base.OnSaveSession(req, session, TimeSpan.FromSeconds(5));
}

Should be fixed with this commit. This change is available on ServiceStack MyGet feed

Thank you for excellent and fast support.