search

aaugustin / django-sesame

"Magic Links" - URLs with authentication tokens for one-click login
https://django-sesame.readthedocs.org/
BSD 3-Clause "New" or "Revised" License
980 stars 57 forks source link

Documentation: clarify dynamic max_age is ignored with SESAME_MAX_AGE = None (the default) #106

Closed silviogutierrez closed 9 months ago

silviogutierrez commented 9 months ago

I suspected this, as the docs clearly state SESAME_MAX_AGE set to None means we have no timestamps of any kind.

But authenticate and get_user will still happily accept max_age=5 but this will be silently ignored.

Not a huge issue, but given SESAME_MAX_AGE defaults to None, worth clarifying.

Let me know if this makes sense and I can open a docs PR.

Thanks for all the great work on this library.

aaugustin commented 9 months ago

You're supposed to get a warning for this. Are you not seeing the warning?

silviogutierrez commented 9 months ago

You're right, I am. I must have missed it in all the server output.

Thanks again.