Skepticats Tracker
LnBlog
previous_open_issue.png
Go to the previous open issue
previous_issue.png
Go to the previous issue (open or closed)
star_faded.png
Please log in to bookmark issues
enhancement_small.png
icon_project.png LnBlog / Closed Enhancement #78 Make IP locking of session tokens optional
next_issue.png
Go to the next issue (open or closed)
next_open_issue.png
Go to the next open issue
icon_info.png This issue has been closed with status "Fixed" and resolution "RESOLVED".
Issue basics
  • Type of issue
    Enhancement
  • Category
    Not determined
  • Targetted for
    LnBlog 2.1
  • Status
    Fixed
  • Progress
  • Priority
    Not determined
User pain
  • Type of bug
    Not triaged
  • Likelihood
    Not triaged
  • Effect
    Not triaged
Affected by this issue (0)
There are no items
People involved
Times and dates
  • Posted at
  • Last updated
  • Estimated time
    Not estimated
  • Time spent
    No time spent
    Click here to see time logged against this issue
Issue details
  • Resolution
    RESOLVED
Attachments (0)
There is nothing attached to this issue
Duplicate issues (0)
This issue does not have any duplicates
Description

Having the session token locked to an IP is a major pain when you're using a laptop and/or a VPN, because you can legitimately change IP addresses any time you sleep the laptop, which end up logging you out. I think it's still worth having this as an option, but it should not be on by default.

#1
 pageer (pageer)
Jul 22, 2019
Make the session-based token IP lock optional and off by default. Also implemented the same option for cookie-based login, which previously did not use the IP lock.
Changes:
  • The issue was closed
  • Status changed: New => Fixed by pageer (pageer)
  • Percent complete changed: 0 => 100
  • Resolution changed: Not determined => RESOLVED