sessionExpiryTime for UI interface

is there a way for changing the session expiry time for the UI in NR 2.x?. The sessionExpiryTime option works perfectly fine for the editor interface, but I've noticed it does not affect the UI (or either I'm not using it properly).


By UI do you mean node-red-dashboard?

The only auth option we provide for that is by using httpNodeAuth. It doesn't provide any session expiry options.

Yes, I mean the dashboard. Ok, thanks Nick :grin:

I also noticed that the dashboard session tokens seems to be not registered in the session JSON fine, so as far I understand, once a client is authenticated its dashboard token never expires, is this correct?

That is correct. httpNodeAuth is a very crude authentication mechanism that only provides basic authentication with a single hardcoded username/password.

Thanks Nick :+1:

You can always look at using a reverse proxy to provide your front-end security.