Hi ABP support,
I have a problem. When I check the audit logs detail I see that the username is not recorded. Is this an error? And how can I check it?
Hi @Mehmet, Do you have any updates for this, or is there a new version that has addressed this?
Thanks Mehmet I will upgrade my solution, will let you know the result later.
Hi maliming
Yes, it still happen if the computer was not sleeping. I have a feeling I'll never be logged out if I still open browser. If I close browser and waiting for timeout then reopen the browser, I get the login page. I had set AccessTokenLifetime and AbsoluteRefreshTokenLifetime to 1 minute. I see the refresh token api in the network, one of them fails with invalid_grant (so can not get new token), then a few second some api get error, then I refresh the page (press f5) and I can still access to the system without logout.
I also tried setting expire time for cookies, but it not work .AddCookie("Cookies", options => { options.ExpireTimeSpan = TimeSpan.FromMinutes(1); options.SlidingExpiration = true; });
Hi, this is the case that I have encountered: I login to the browser and kept it open while the computer was put to sleep mode and I could still access without logging in the day after. I have set AbsoluteRefreshTokenLifetime=1800 (30 minutes), Is there a way to force logout in that case?
I tried to change the token lifetime before.
ABP Framework version: v4.1.2 UI type: Angular DB provider: EF Core
We open a new tab and login to the app, then we close that tab. Wait 35 minutes (token lifetime is 30 minutes) then reopen the tab that we just closed, we can still access to the app. Or I left session open overnight, and the next morning I was still able to continue working on it. How can automatically logout after a while of not using the app?