It seems like every time I want to go to https://courses.opencraft.com/ , I have to log in all over again. Does someone know what configuration changes are needed to make users stay logged in forever? And can we make that the default for all Ocim instances?
I recall that we’ve done it for some clients, and I think it requires changing a few different settings, which is why I’m asking.
You can log time for this thread on MNG-1817 since that’s where it came up.
All of them. Making the logins short should be opt-in, not opt-out. For nearly all of our clients, having to log in over and over is friction between them and their learners that they do not need.
Granted, active learners should, presumably, be logging in more often, but two weeks isn’t absurd for a break, and happens often enough to be annoying.
Additionally, from what I remember we don’t use database-backed sessions, so each redeployment should cause all users to get logged out. Ref https://tasks.opencraft.com/browse/OC-2096
Update: I have made configuration changes to https://courses.opencraft.com/ to make the session cookies last for a year and use database-backed sessions.
EDXAPP_LMS_ENV_EXTRA:
# Stay logged in for one year, not two weeks
SESSION_COOKIE_AGE: 31536000
# Use database-backed sessions to stay logged in across appserver deploys. We have EDXAPP_CLEARSESSIONS_CRON_ENABLED to clean up old data.
SESSION_ENGINE: django.contrib.sessions.backends.cached_db
EDXAPP_CMS_ENV_EXTRA:
SESSION_COOKIE_AGE: 31536000
SESSION_ENGINE: django.contrib.sessions.backends.cached_db
For now I will test this configuration on courses.opencraft.com (currently deploying a new appserver to test), and if there are no issues I’ll make it a default for all Ocim instances.
See comment on MNG-1938 for more details (including why a past attempt at cached_db was reverted) or to log time.