Project

General

Profile

Actions
Copy link

Feature #16679

closed

Option to store token in session storage & idle timeout

Added by Peter Amstutz over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Lucas Di Pentima
Category:
Workbench2
Target version:
2020-09-09 Sprint
Story points:
-
Release:
Arvados 2.1.0
Release relationship:
Auto

Description

Option for Workbench 2 to store token in session storage instead of local storage, so that when the tab/browser is closed, the token is discarded.

"Open in new tab" operations should pass along the token (if possible) to avoid making the user log in again.

We should also add an idle timeout, it looks like we can do this via a react component:

https://blog.bitsrc.io/how-to-implement-idle-timeout-in-react-830d21c32942

Confirm (with tests) that Workbench 2 normal logout hits the API logout endpoint and expires the token.

Subtasks 2 (0 open2 closed)

Task #16759: Review 16679-token-security-enhancementsResolvedLucas Di Pentima09/07/2020Actions
Task #16793: Review 16679-wb2-idle-timeout-config (arvados repo)ResolvedPeter Amstutz09/01/2020Actions

Related issues

Related to Arvados Epics - Idea #16520: GxP QualificationResolved08/01/202004/30/2021Actions
Actions
Copy link

Also available in: Atom PDF