From a8df3250ba5d7b44d015596cc0d193f4e0a9e9e0 Mon Sep 17 00:00:00 2001
From: Benni Mack <benni@typo3.org>
Date: Tue, 3 Oct 2017 01:24:20 +0200
Subject: [PATCH] [TASK] Raise BE user session timeout to 8 hours

The current limit of an inactive user of 1 hour is not practical for a regular
editor. Instead, a default value of 8 hours fits more to a current work day.

Resolves: #82654
Releases: master
Change-Id: I2b0911f72771ffee7bd76b14de055a8a8e3f280b
Reviewed-on: https://review.typo3.org/54266
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
---
 .../core/Classes/Authentication/BackendUserAuthentication.php | 4 ++--
 typo3/sysext/core/Configuration/DefaultConfiguration.php      | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
index c708a608f269..86378fb4bda2 100644
--- a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
@@ -246,7 +246,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
     public $writeAttemptLog = true;
 
     /**
-     * Session timeout (on the server)
+     * Session timeout (on the server), defaults to 8 hours for backend user
      *
      * If >0: session-timeout in seconds.
      * If <=0: Instant logout after login.
@@ -254,7 +254,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
      *
      * @var int
      */
-    public $sessionTimeout = 6000;
+    public $sessionTimeout = 28800;
 
     /**
      * @var int
diff --git a/typo3/sysext/core/Configuration/DefaultConfiguration.php b/typo3/sysext/core/Configuration/DefaultConfiguration.php
index 2eb7f92b3178..2f8b484f8623 100644
--- a/typo3/sysext/core/Configuration/DefaultConfiguration.php
+++ b/typo3/sysext/core/Configuration/DefaultConfiguration.php
@@ -839,7 +839,7 @@ return [
         'warning_email_addr' => '',
         'warning_mode' => '',
         'lockIP' => 4,
-        'sessionTimeout' => 3600,
+        'sessionTimeout' => 28800,  // a backend user logged in for 8 hours
         'IPmaskList' => '',
         'lockBeUserToDBmounts' => true,
         'lockSSL' => false,
-- 
GitLab