Merge branch 'session_timeout' into 'master'

Expire Rack sessions after 1 week This has the side effect of preventing Redis from clogging up with old sessions. See merge request !1042
author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:01:01 +0000
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:01:01 +0000
commit: eabbb7beb893833ff7d1ddc6f850e466fbcd9384 (patch)
tree: acf8eb85c3ecfd597136379e16bf6fd304f9e583
parent: 9b75d99d72e7b723457eed2cbb2d37305ec09dee (diff)
parent: 99b81be88777fddfc497b50789f9e185b9c0cd71 (diff)
download: gitlab-ce-eabbb7beb893833ff7d1ddc6f850e466fbcd9384.tar.gz
2 files changed, 2 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index b35e02268ec..0be2be76720 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,6 @@
 v 7.3.0
   - Always set the 'origin' remote in satellite actions
+  - Expire Rack sessions after 1 week
 
 v 7.2.0
   - Explore page
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 5fe5270236b..b3fa648f2a6 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -6,5 +6,6 @@ Gitlab::Application.config.session_store(
   key: '_gitlab_session',
   secure: Gitlab.config.gitlab.https,
   httponly: true,
+  expire_after: 1.week,
   path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root
 )
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-08-26 16:01:01 +0000
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-08-26 16:01:01 +0000
commit	eabbb7beb893833ff7d1ddc6f850e466fbcd9384 (patch)
tree	acf8eb85c3ecfd597136379e16bf6fd304f9e583
parent	9b75d99d72e7b723457eed2cbb2d37305ec09dee (diff)
parent	99b81be88777fddfc497b50789f9e185b9c0cd71 (diff)
download	gitlab-ce-eabbb7beb893833ff7d1ddc6f850e466fbcd9384.tar.gz