Skepticats Tracker
Go to the previous open issue
Go to the previous issue (open or closed)
Please log in to bookmark issues
icon_project.png LnBlog / Closed Enhancement #78 Make IP locking of session tokens optional
Go to the next issue (open or closed)
Go to the next open issue
icon_info.png This issue has been closed with status "Fixed" and resolution "RESOLVED".
Issue basics
  • Type of issue
  • Category
    Not determined
  • Targetted for
    LnBlog 2.1
  • Status
  • Progress
  • Priority
    Not determined
User pain
  • Type of bug
    Not triaged
  • Likelihood
    Not triaged
  • Effect
    Not triaged
Affected by this issue (0)
There are no items
People involved
Times and dates
  • Posted at
  • Last updated
  • Estimated time
    Not estimated
  • Time spent
    No time spent
    Click here to see time logged against this issue
Issue details
  • Resolution
Attachments (0)
There is nothing attached to this issue
Duplicate issues (0)
This issue does not have any duplicates

Having the session token locked to an IP is a major pain when you're using a laptop and/or a VPN, because you can legitimately change IP addresses any time you sleep the laptop, which end up logging you out. I think it's still worth having this as an option, but it should not be on by default.

 pageer (pageer)
Jul 22, 2019
Make the session-based token IP lock optional and off by default. Also implemented the same option for cookie-based login, which previously did not use the IP lock.
  • The issue was closed
  • Status changed: New => Fixed by pageer (pageer)
  • Percent complete changed: 0 => 100
  • Resolution changed: Not determined => RESOLVED