What happens when a persistent cookie expires during a users session?

I am trying to create my first authentication system. But there is one thing I do not understand and also cant find any info about.

To keep users logged in longer than a session, you can use persistent cookies. The persistent cookies has an expired date, which means that after a specific date and time, the cookie will expire.

My question now is what happens if a user is online and using the application and the persistent cookie date expires. Will the user be forced logged out?

If so, how can I prevent this?

There must be a way, I never got forced logged out on any page when i was using it.

Typically, when a browser cookie expires, the browser will not send the cookie along with the request and will likely delete the expired cookie.

If you’ve never experienced being forced to login again, it’s likely you’ve never had such a cookie expire on you. It could be that every time you visit the site the cookies life is being refreshed or extended. Depending on what you’re using to handle sessions/cookies the library used probably has a way to do this. Search something like your library + refresh extend session cookie and you’ll likely find a solution.

This topic was automatically closed 182 days after the last reply. New replies are no longer allowed.