Open ptrckbp opened 2 years ago
Default behaviour is configurable, see botpress.config.json
. here : https://github.com/botpress/botpress/blob/ea51a7bcd816143879f24e7cf1bd32f80344800e/packages/bp/src/core/config/botpress.config.ts#L482
and see rudimental doc here : https://botpress.com/docs/advanced/authentication
Is this really a bug do you ? IMO it's more of a feature request
I thought about putting it under feature too, but It can lead to new users abandoning, due to being locked out, I think it's pretty important. Is there a strong reason for not changing the default behaviour?
thanks - we will not change this behavior - this is required for security reasons
We have agents working on HITL who are being logged out in the middle of their work.
Increasing the duration is not an option and it involves security risks.
A user session should timeout only after a pre-defined period of idle time
.
This happens even though allowRefresh
is set to true
.
Describe the bug![image](https://user-images.githubusercontent.com/87815239/128717157-d8dbbf1b-8f73-42e1-bb77-a986d8908be7.png)
The application often logs out while i'm working.
To Reproduce Steps to reproduce the behavior:
Expected behavior I don't expect it to log out while i'm working on it. If a log out is required for security reasons for many users, I think it should be activated through an optional parameter in the settings.
Additional context This may be happening more often to me because I work with multiple monitors, and it seems to be activated on window switch. Botpress is always open on one of my monitors though.
I think this is a problem for two reasons :