Limit remembered logins to 7 days, so that old cookies will eventually expire

2013-02-21 09:05:19 -05:00
parent 3fe6a74e76
commit 3d36736cf3
1 changed files with 1 additions and 1 deletions
--- a/common/djangoapps/student/views.py
+++ b/common/djangoapps/student/views.py
@@ -385,7 +385,7 @@ def login_user(request, error=""):
        try:
            login(request, user)
            if request.POST.get('remember') == 'true':
-                request.session.set_expiry(None)  # or change to 604800 for 7 days
+                request.session.set_expiry(604800)
                log.debug("Setting user session to never expire")
            else:
                request.session.set_expiry(0)