projects / GitHub / WoltLab / WCF.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0a0e7ef) | patch
Expire pending user changes after 15 minutes
authorTim Düsterhus <duesterhus@woltlab.com>
Wed, 25 Nov 2020 17:24:37 +0000 (18:24 +0100)
committerTim Düsterhus <duesterhus@woltlab.com>
Wed, 25 Nov 2020 17:38:00 +0000 (18:38 +0100)
commit010c37374e9a5fe8f0a2bba726639ce97b164c9f
tree84df6189fa9564df20d12beaf8185136521ab007tree | snapshot (tar.gz zip)
parent0a0e7ef75a08847c956eb92cd26fedc61403d8dbcommit | diff
Expire pending user changes after 15 minutes

15 minutes should be plenty of time for the user to complete the MF
authentication flow. A user is not going to sit patiently for 15 minutes
without simply closing the browser window which de facto forces them to start
anew, because nothing leads back to the MF authentication flow except
performing yet another login.

Email codes are the only (default) method that could be slow without the user
being able to do anything about it (e.g. due to greylisting). These codes
already expire after 10 minutes, giving an implicit upper bound (when ignoring
the fact that a new code will be sent every 2 minutes during refreshing).
wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php diff | blob | blame | history
wcfsetup/install/files/lib/system/session/SessionHandler.class.php diff | blob | blame | history
wcfsetup/install/lang/de.xml diff | blob | blame | history
wcfsetup/install/lang/en.xml diff | blob | blame | history
WoltLab Suite Core (previously WoltLab Community Framework)