This repository was archived by the owner on Aug 5, 2025. It is now read-only.
This repository was archived by the owner on Aug 5, 2025. It is now read-only.
Session is not invalidated after time expires using login_for #61
Description
login_for method takes a Duration parameter, for how long the user should be logged in, after whose expiration I'm expecting the user to not be authorized anymore.
I'm trying this with one minute.
auth.login_for(&form, std::time::Duration::from_secs(60))
.await?;In session/default/mod.rs this sets the auth key for that amout of time, but it seems it doesn't have effect...
#[throws(Error)]
fn insert_for(&self, id: i32, key: String, time: Duration) {
let key = AuthKey {
expires: time.as_secs() as i64,
secret: key,
};
self.insert(id, key);
}User session keeps letting me make requests even after 1 minute has passed.
Shouldn't rocket_auth automatically invalidate the session after expiration?