We discussed this on telegram a bit, putting it here so we don't forget.
Currently the CWS login cookie is a session cookie. Its expiration should instead be configurable by admins, probably in cms.conf.
AWS cookie duration should probably be configurable too, but I don't know if we want it to always have the same length as CWS's one or not (i.e. do we need one option in cms.conf or two).
We discussed this on telegram a bit, putting it here so we don't forget.
Currently the CWS login cookie is a session cookie. Its expiration should instead be configurable by admins, probably in cms.conf.
AWS cookie duration should probably be configurable too, but I don't know if we want it to always have the same length as CWS's one or not (i.e. do we need one option in cms.conf or two).