SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Session Timeout Is Very Short #117

Closed rezasarvani closed 3 years ago

rezasarvani commented 3 years ago

Hi, thanks a lot for this great product. The session timeout is very short, and whenever I try to work with VECTR and perform an attack alongside, my session will be revoked and time out very soon. Is there a way to increase the timeout duration?

SRAPSpencer commented 3 years ago

User sessions are refreshed often but it should be invisible to the user. Do you have unique user accounts for all of your users? Sharing accounts will cause others logged in with the same credentials to be kicked back to the login screen.

rezasarvani commented 3 years ago

No, I use the same credentials for all of my users, but now I tried it, and when I log in with the same user again, my previous session doesn't get expired. But when I leave VECTR alone for about ~10 min, I get redirected to the login screen.

doodleincode commented 3 years ago

This is the expected behavior. A user cannot be logged into multiple devices or have multiple sessions at the same time. For example, if user "A" logs in and then they log in again somewhere else, the first session will become invalidated. When a JWT refresh occurs in the first session and because that session is not valid, a new JWT will not be issued and you will be force logged out. However, during a force logout, all sessions are invalidated which means you will be logged out everywhere.

The best practice is to create separate user accounts for each person that will be using VECTR. If you need to view multiple VECTR pages side-by-side, open each page into a tab.
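
The behaviour described in the comment above, as an added example that is not part of the thread and is not VECTR's code. It assumes a signed token carrying a session id and a server-side map holding one active session per user; `SessionStore`, `simulate` and the token layout are hypothetical.

```python
import base64, hashlib, hmac, json, secrets

KEY = secrets.token_bytes(32)  # constructed signing key for this demo only


def _mac(body: str) -> str:
    digest = hmac.new(KEY, body.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode()


def _sign(claims: dict) -> str:
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return f"{body}.{_mac(body)}"


def _verify(token: str) -> dict:
    body, _, mac = token.partition(".")
    if not hmac.compare_digest(mac, _mac(body)):
        raise PermissionError("bad signature")
    return json.loads(base64.urlsafe_b64decode(body))


class SessionStore:
    """Assumed policy: one active session id per user, checked on refresh."""

    def __init__(self):
        self.active = {}  # username -> current session id

    def login(self, user: str) -> str:
        sid = secrets.token_hex(8)
        self.active[user] = sid  # a new login supersedes the previous session
        return _sign({"sub": user, "sid": sid})

    def refresh(self, token: str) -> str:
        claims = _verify(token)
        if self.active.get(claims["sub"]) != claims["sid"]:
            self.active.pop(claims["sub"], None)  # forced logout: drop all sessions
            raise PermissionError("session invalidated")
        return _sign(claims)


def simulate(accounts: list) -> list:
    """Log in once per entry, then refresh each token; return the outcomes."""
    store, outcomes = SessionStore(), []
    tokens = [store.login(user) for user in accounts]
    for token in tokens:
        try:
            store.refresh(token)
            outcomes.append("refreshed")
        except PermissionError:
            outcomes.append("logged out")
    return outcomes
```

With two logins on one shared account, the refresh from the superseded session fails and clears the account's active session, so the newer session is logged out on its next refresh as well; separate accounts refresh independently.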

rezasarvani commented 3 years ago

Thanks a lot for your responses. I created separate users and that solved my problem. Thanks again <3