feat: support user session timeout by adding the SESSION_EXPIRY_SECON…

…DS setting.
Pearson-Advance · Oct 17, 2023 · 874ddde · 874ddde
1 parent c2428f8
commit 874ddde
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/lms/envs/common.py b/lms/envs/common.py
@@ -3718,6 +3718,13 @@ def _make_locale_paths(settings):  # pylint: disable=missing-function-docstring
 FILE_UPLOAD_STORAGE_BUCKET_NAME = 'SET-ME-PLEASE (ex. bucket-name)'
 FILE_UPLOAD_STORAGE_PREFIX = 'submissions_attachments'
 
+##### SESSION EXPIRATION TIME #####
+# .. setting_name: SESSION_EXPIRY_SECONDS
+# .. setting_default: 604800 * 4
+# .. setting_description: Specifies the expiration duration for session users.
+SESSION_EXPIRY_SECONDS = 604800 * 4
+
+
 ##### ACCOUNT LOCKOUT DEFAULT PARAMETERS #####
 # .. setting_name: MAX_FAILED_LOGIN_ATTEMPTS_ALLOWED
 # .. setting_default: 6

diff --git a/openedx/core/djangoapps/user_authn/views/login.py b/openedx/core/djangoapps/user_authn/views/login.py
@@ -313,8 +313,10 @@ def _handle_successful_authentication_and_login(user, request):
 
     try:
         django_login(request, user)
-        request.session.set_expiry(604800 * 4)
-        log.debug("Setting user session expiry to 4 weeks")
+
+        seconds_to_expire = settings.SESSION_EXPIRY_SECONDS
+        request.session.set_expiry(seconds_to_expire)
+        log.debug("Setting user session expiry to {} seconds".format(seconds_to_expire))
 
         # .. event_implemented_name: SESSION_LOGIN_COMPLETED
         SESSION_LOGIN_COMPLETED.send_event(