Comment 18 for bug 1036318

Jason Stephenson (jstephenson) wrote :

I agree that the session durability should be a separate bug.

I also think that re-authentication of the tpac/staff client when the staff client session has completely timed out should be another ticket. I've never really experienced it that much until today and there are a lot of things not to like about how it works, even when restricted to the staff client interface without tpac involved.

I'll take some more time to review the code in this branch, but I'm already convinced it is ready to be committed.

Do we need some kind of unit/integration test for this? If so, what would that look like?