Currently in authenticator/authenticator.go the cookie expiration is hard-coded to two weeks. This should be settable, probably by the appspace user. Maybe there should be some default settable by the appspace owner, and the default value may need to depend on permissions (for when we actually have permissions).
This probably involves DS2DS for remote users to set that setting such that it takes place on the appspace DS.
Currently in
authenticator/authenticator.gothe cookie expiration is hard-coded to two weeks. This should be settable, probably by the appspace user. Maybe there should be some default settable by the appspace owner, and the default value may need to depend on permissions (for when we actually have permissions).This probably involves DS2DS for remote users to set that setting such that it takes place on the appspace DS.