Long login sessions

[jhogendorn]

It would be great to have long sticky login sessions so i dont have to auth every time i open the portal.

[jabelone]

Login sessions should already be essentially "forever" unless the server's private key is rotated or a user password change happens. Can you please provide a list of reproducible steps and browser/os etc. if your session is expiring? I just tested,(by going to portal.hsbne.org) and it showed the login page for a brief moment and kicked me over to the dashboard because I was already logged in.

[jhogendorn]

I'll track what the conditions are next time it asks me to login. its typically on my phone where it always wants auth.

[jhogendorn]

Yeah this is consistent, every time i open the portal using chrome on my iphone it wants me to login. I've also noticed if i fill in the passwords with my password manager, it doesnt detect the password and wont let me login so i have to do it twice. this seems to be only a thing on the phone.

[jabelone]

Ok I'll have a look and see if I can reproduce it. I've been using the development build of the iOS app recently so I may not have noticed it.

[jhogendorn]

I'm happy to sit down and demo/debug this issue on a tuesday or something if it helps. or i can take a screen recording if thats useful?

[jabelone]

I'll let you know if I can't repro it. :)

[jabelone]

This has been resolved in v2.4.1. There was a bug with mobile detection logic that meant the browser version on iOS was using mobile app logic (and JWTs instead of cookies), and there was a bug in the JWT refresh logic which meant the JWT was never properly refreshed. A new beta version has been submitted to test flight for review and this will be rolled out to the HSBNE portal shortly.

[jhogendorn]

fwiw I'm still having to login every time on the web and app. and the password manager flow doesn't work as discussed so its a long process to get in each time.