Auto log out Options

[thekohser]

Ain't there some way on Wikipedia to automatically log out your account based on some pre-set parameters (such as 30 minutes without an edit, or upon closure of one's browser, etc.)?

[CharlotteWebb]

Ain't there some way on Wikipedia to automatically log out your account based on some pre-set parameters (such as 30 minutes without an edit, or upon closure of one's browser, etc.)?

Wikipedia can't tell whether you've closed your browser and opened it again, but you can configure the browser to delete all cookies at that time (for some, this is the default privacy setting) regardless of the duration the server intends.

Checking whether you have edited in the last N minutes would be a little more difficult, but I'm sure I could do it using javascript if somebody actually has a need for it.

But no, there's no currently built-in feature to this effect.

This post has been edited by CharlotteWebb:

[dogbiscuit]

Ain't there some way on Wikipedia to automatically log out your account based on some pre-set parameters (such as 30 minutes without an edit, or upon closure of one's browser, etc.)?

Wikipedia can't tell whether you've closed your browser and opened it again, but you can configure the browser to delete all cookies at that time (for some, this is the default privacy setting) regardless of the duration the server intends.

Checking whether you have edited in the last N minutes would be a little more difficult, but I'm sure I could do it using javascript if somebody actually has a need for it.

But no, there's no currently built-in feature to this effect.

Cookies have an expiration time, so a 30 minute without an edit cookie is a trivial bit of PHP to set the cookie with each interaction. You magically don't send the cookie back to Wikipedia after 31 minutes as part of browser functionality.

[CharlotteWebb]

Cookies have an expiration time, so a 30 minute without an edit cookie is a trivial bit of PHP to set the cookie with each interaction. You magically don't send the cookie back to Wikipedia after 31 minutes as part of browser functionality.

Magically indeed, what browser functionality is this?

Well if it's greasemonkey we might be on the same page…

[dogbiscuit]

Cookies have an expiration time, so a 30 minute without an edit cookie is a trivial bit of PHP to set the cookie with each interaction. You magically don't send the cookie back to Wikipedia after 31 minutes as part of browser functionality.

Magically indeed, what browser functionality is this?

Well if it's greasemonkey we might be on the same page…

A cookie is just a header that is downloaded and stored. When the browser sees a cookie that matches a site domain, it automatically sends the cookie back as part of the request in brain dead fashion. At the point the cookie expiration date expires, it is no longer sent back and so the site no longer has the login information (unless it also is tracking by session and decides that it is not interested in cookies while the session is current).

However, that is the principle that something like eBay would achieve its "Keep me signed in for a day" function.

[Random832]

A cookie is just a header that is downloaded and stored. When the browser sees a cookie that matches a site domain, it automatically sends the cookie back as part of the request in brain dead fashion. At the point the cookie expiration date expires, it is no longer sent back and so the site no longer has the login information (unless it also is tracking by session and decides that it is not interested in cookies while the session is current).

Um, with the cookie gone, the site also no longer has the session, unless it's done something like a url parameter (which is normally only done if a browser does not support cookies at all)

[dogbiscuit]

A cookie is just a header that is downloaded and stored. When the browser sees a cookie that matches a site domain, it automatically sends the cookie back as part of the request in brain dead fashion. At the point the cookie expiration date expires, it is no longer sent back and so the site no longer has the login information (unless it also is tracking by session and decides that it is not interested in cookies while the session is current).

Um, with the cookie gone, the site also no longer has the session, unless it's done something like a url parameter (which is normally only done if a browser does not support cookies at all)

The session cookie would be distinct from a cookie of login info, and the session normally is killed off when you shut down the browser, again by appropriate setting of the cookie. Session variables are stored on the server, essentially indexed by the session id, whereas the login info needs to be kept on the client computer to survive across sessions.

I'm sure we are not disagreeing, the point is that it is old hat to come up with a fairly robust scheme of timing out sessions, either using server tricks, client tricks or a combination of the two, normally the latter.