nytai commented on issue #24745: URL: https://github.com/apache/superset/issues/24745#issuecomment-1679916955
The guest token isn't what's actually used to authenticate the requests. The guest token is exchanged for a superset session (stored in cookies) and that's what ends up authenticating the requests. If the guest token expires then it can no longer be used to set up an embedded session. If you'd like to expire sessions, you can refer to this for some options (note that it will apply to all superset users for that instance, not just the embedded ones) https://stackoverflow.com/questions/11783025/is-there-an-easy-way-to-make-sessions-timeout-in-flask Not sure about RLS not being applies to CSV results, that seems unrelated to the session expiration issue. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
