Session ID Security
|
I am finding the same problem as this thread linked below. Session IDs that I have created and cannot log out are persistent and not invalidated. Any session ID that is created gives access to your account forever since they don't seem to be checked for expiration.
https://www.pathofexile.com/forum/view-thread/1349853 Last bumped5 мар. 2019 г., 16:39:53
Эта тема была автоматически архивирована. Ответы невозможны.
|
|
|
Sessions are invalidated after some time if they are inactive. Currently this is 2 months on our end.
If you change your password it will clear all previous sessions on your account. Logging out will immediately invalidate the current ID as well, as you have surmised. ✮
Web Developer ✮ View our Developer Docs ✮ |
