Inactive Sessions Timeout

Beta License: AGPL-3 OCA/server-auth Translate me on Weblate Try me on Runbot

This module was written to be able to kill(logout) all inactive sessions since a given delay. On each request the server checks if the session is yet valid regarding the expiration delay. If not a clean logout is operated.

Table of contents

Configuration

Two system parameters are available:

  • inactive_session_time_out_delay: validity of a session in seconds (default = 2 Hours)
  • inactive_session_time_out_ignored_url: technical urls where the check does not occur

Usage

Setup the session parameters as described above.

Bug Tracker

Bugs are tracked on GitHub Issues. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us smashing it by providing a detailed and welcomed feedback.

Do not contact contributors directly about support or help with technical issues.

Credits

Authors

  • ACSONE SA/NV
  • Dhinesh D
  • Jesse Morgan
  • LasLabs

Contributors

Maintainers

This module is maintained by the OCA.

Odoo Community Association

OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.

This module is part of the OCA/server-auth project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author, please use the developer contact information. They can usually be found in the description.
Please choose a rating from 1 to 5 for this module.
Unstable behaviour
by
Jerson
on 8/20/21, 7:23 AM

Hi.

I've been using this module for a few months now and I noticed that it doesn't work as expected.

For example, I set the session timeout time to 1800 seconds (30 minutes) and leave the session inactive for hours and sometimes when I go back, the session is expired and sometimes it's not. The problem happens most in the portal side. Actually the session rarely expires for portal users or backoffice users that are using the website.

Sometimes I leave the session inactive from one day to the other and the session is not expired.

For me, the lack of sessions management on Odoo is a big issue and I thought that this module would help me at least address the inactive sessions issue, but unfortunately, as I said above, the behaviour is unstable and on the website it just doesn't work.

Are you aware of these issues?

I'll be waiting for your feedback.

Best regards,

Jerson Figueiredo


by
Eduardo Lecuna
on 5/5/21, 9:41 AM