-
-
Notifications
You must be signed in to change notification settings - Fork 416
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FIX] auth_session_timeout: getmtime
always return current time
#373
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💯
@alexeirivera87 @lonelyleaves @prakashjain |
@gaikaz Thanks for the update. I tried updated fix but still same problem. session.get("last_active_time", time()) always showing current time. Inactive user timeout functionality not working configured 2 or 5 minutes, but timeout not working |
@prakashjain Does your Odoo run on Docker or SH? |
@gaikaz Odoo 14 community edition in my local system Ubuntu OS checked. Docker not installed. |
@prakashjain It must be a different issue for you then as it should work in your case IMO. |
@gaikaz After adding inactive_session_time_out_ignored_url Value /longpolling/im_status working. Updated value:-
I have one query in my custom module inactive user session log out some users restrict this functionality. For Example, some user login and access data through API postman. How to restrict this functionality while user login or access screen through API user?. |
@prakashjain About the API stuff, I suppose you could also add the |
There hasn't been any activity on this pull request in the past 4 months, so it has been marked as stale and it will be closed automatically if no further activity occurs in the next 30 days. |
Would it be possible to get this PR merged as the current solution in 14.0 is not working? |
Fixed: #259
We can't assume that this module is the only one modifying the time of session files. For some reason, on Docker instances of Odoo (that includes Odoo.SH) these session files get modified on each page reload even before
getmtime
in this module is called, which means it never expires.This solution seems more elegant and common among the whole WWW when it comes to expiring sessions.
It also removes the need for try/exept blocks and the tests that came with them; Removes the need of os imports.