Session never expires

masterit · September 12, 2016, 12:52pm

Hello

I have AuthFeature with SessionExpiry on server set to 5 seconds.
If I authenticate while I’m already authenticated, then the session will never expire.
Code sample:

Plugins.Add(
                new AuthFeature(
                    () => new AuthUserSession(),
                    new IAuthProvider[] { new CredentialsAuthProvider() { SessionExpiry = TimeSpan.FromSeconds(5) } }
                    )
            );

Is this bug or I am missing some setting?

Kind regards.

xplicit · September 12, 2016, 3:05pm

It looks like a bug. I am able to reproduce the issue, session is not saved with SessionExpiry on second authentication request. We will look into it.

mythz · September 12, 2016, 3:57pm

You can also override OnSaveSession() on your AppHost to force the same expiry on all Sessions, e.g:

public override void OnSaveSession(IRequest req, IAuthSession session, TimeSpan? expiresIn=null)
{
    return base.OnSaveSession(req, session, TimeSpan.FromSeconds(5));
}

xplicit · September 12, 2016, 4:43pm

Should be fixed with this commit. This change is available on ServiceStack MyGet feed

masterit · September 13, 2016, 5:54am

Thank you for excellent and fast support.