Forum issue

Axios

This is just really for the mods I was real tired last nite kinda just crashed shut off computer
this morning when I came to forum (I was still logged in) was here a couple times during the nite sleep walking lol
(just reading) but still think it should have closed the connection
I think this would be a security issue and maybe would want to be addressed
usually I think there is some kind of connection timeout.
Dunno just thought I would mention it
Maybe its a non-issue

Staudey

I'm not quite sure I understand what you're asking. Surely we don't want users to be logged-out after only a single night?

Axios

Staudey I shut the computer off without logging out of forum
Turned computer on hours later was still logged into forum
When I turned my computer off shouldnt the server have closed connection or waited a few then done so
Sorry if i was not clear may be a non issue only happened this one time.

[deleted]

Axios if you want your browser to not remember active sessions then you should tweak that in your browser settings

Axios

[deleted] Noooooooooooooooooo!!!
LOL sorry lost my composure..
Thats non issue because I dont save passwords on computer and I dont think it would have logged me in
anyways?
And if it did do that it is a big security risk If you ask me!!!!
Its funny you mention that cause after the mate install firefox that is turned on normally I dont use it
Ahhh dont think thats the issue.

Staudey

You'll have to disable session cookies or manually log-out every time if you don't want to stay logged-in.
I assume you're using a shared computer? (otherwise I don't see the "security risk")

Axios

Staudey Nevermind guess I am not explaining it good...LOL

brent

it is a browser setting for sure. when my broswer closes I have it set to delete all cookies/history so next time I open it I'm logged out of everything. this does not work for all accounts though. and it doesn't work all the time either🙂. but sometimes.
...I'm usually kicked out of SOlus after a few hours of inactivity like if I left the house a while. I always thought that was on Solus' end.
Now I'm confused🙂

Axios

brent I have mine set the same way and like I said (I dont save passwords on computer)
(Delete cookies ect set)

So you are telling me if I log into the forum then close browser and shut computer off
The next time I turn computer on and launch browser I will be auto logged into the solus forum?

brent

Axios So you are telling me if I log into the forum then close browser and shut computer off
The next time I turn computer on and launch browser I will be auto logged into the solus forum?

No, not telling you that I think. It's not unusual what happened to you and it won't always happen. If I turned off computer, stayed logged in, shut down, rebooted later, launched browser....and find myself still logged in....
I wouldn't be that surprised. except for firefox I dont see consistent security things in action that I set in settings. only sometimes.
Most of the time stay logged, shut down, reboot later, launch browser will result in you being logged out.
I guess the short version of what I'm trying to say is simply this behavior is not guaranteed 100 out 100 times. Maybe 75. or less. or more.
edit/the ^^ way I remember it shaking out every day for me, not necessarily what a man page claims🙂

[deleted]

Axios

The next time I turn computer on and launch browser I will be auto logged into the solus forum?

That would still be a browser side issue, it either doesn't wipe your cookies or active sessions. I think Flarum also has some sort of timeout but that's most likely more than just 24 hours.

Axios

brent If I turned off computer, stayed logged in, shut down, rebooted later, launched browser....and find myself still logged in....
I wouldn't be that surprised

I would because it shouldnt happen If I manually type my login and dont save passwords
(where is the browser storing that info after a shutdown?) (Security risk)
OR
A server when you are connected and logged in if you lose connection (they are set up to close the connection
you had so when you go back you should have to login again)
otherwise the forum is holding that connection open indefinately for some reason

Best and safest bet is to logout each time
wasnt being a grouch you seem to understand it
thats how I see it

brent

Axios I would because it shouldnt happen If I manually type my login and dont save passwords
(where is the browser storing that info after a shutdown?) (Security risk)

ok, you are saying if stayed logged in then eventually, between the browser or Flarum, someone/something should have logged you out. fair enough. sometimes that happens. it's storing your password probably in a cooklie---I have guiltily used "remember me" in logins knowing that cookies are created when you do that.

here's some perspective for you:
ungoogled is set to delete cookies when browser closes. and history (tabs, forms etc).
scenario 1) I stay logged in to Solus, ebay, regular mail etc, shut down computer (not browsers), wake up next day, boot up, launch browser, and still logged in: sometimes I am and sometimes the browser logs me out

scenario 2) I stay logged in to Solus, ebay, regular mail etc, shut down browser, then computer, wake up next day, boot up, launch browser, and still logged in: sometimes I am and sometimes the browser logs me out

scenario 3) hard boot. no change.

What I'm trying to say is the only thing consistent with logins is the wild inconsistency between browser and flarum.
I've never known consistency in the situation you describe. I think browsers get so bad sometimes they treat their settings like suggestions instead of actions.
You are right: somewhere down the pike you should have been logged out. when in doubt do it manually.

Axios

brent Been reading up on that remember me feature.(Appears I had forgotten about it..lol)
I dont store passwords on computer and I never use the remember me feature and browser set to clear all that
stuff
Usually I run with (cookie auto delete) but was trying to slim down browser abit I put it back maybe thats
why I have never seen a problem
Just blew my mind when everyone said browser something glitched not sure what was at fault
But prob was the browser
Ever have one those days..haha

brent

Axios you like the weird stuff? (I know the answer is no!) it gets weirder. I can cookie auto delete (I did in the day) and have the browser do it as well.
Any chrome knockoff: look and see what the browser stores after telling you they "delete" cookies daily per session. It's usually a lie. Once I see for myself it's disappointing but the price of chromium sometimes.
Any Firefox: usually true to their word. If I check it after it launches it's usually empty of cookies.
Lesson: is there ever one?🙂

Axios

brent Ya just had that happen with cookies on a website auto delete extension didnt delete them
but they did clear on firefox restart.
Interesting will have to keep an eye on it

Axios

[deleted] Well to be honest I never had that happen and it took me awhile to get my bearings
on the matter.
I think I was aware that it could happen just forgot..lol
Maybe what happen I was entering the forum from inside the solus homepage and not directly but not going
dig into it to deep no reason to.(should not be issue but does give extra cookie)
Heck I dunno maybe the remember me box got checked who knows.
Also was trying slim down my browser extensions but put all that back in place because I know it works and been using it for years (safety oriented extensions)

riffer

I'm using the Mullvad browser and all I have to do is quit the browser and I have to log back into every website when I come back, including this one. To be honest it is a little annoying, but I guess that is the price for a minuscule extra amount of security 🙂