Tgr added a comment.
Tokens never expire, but the session that holds them can. That behavior changed recently with the switch to Kask (less recently than August, though): before we had theoretically-infinite sessions which could get evicted, now we have a set session lifetime (1 day, IIRC?). The session also gets terminted when authentication fails, so possibly the bot actually gets logged out and the CSRF error is an effect of that. TASK DETAIL https://phabricator.wikimedia.org/T261050 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Tgr Cc: matej_suchanek, daniel, eprodromou, Tgr, Dvorapa, Xqt, Aklapper, Reedy, pywikibot-bugs-list, Multichill, JohnsonLee01, SHEKH, Naike, Dijkstra, CBogen, Khutuck, Zkhalido, WDoranWMF, Viztor, DannyS712, Wenyi, Amorymeltzer, Ramsey-WMF, Tbscho, MayS, Sethakill, Mdupont, JJMC89, dg711, Poyekhali, Agabi10, Altostratus, Taiwania_Justo, Avicennasis, Pchelolo, Ixocactus, Wong128hk, mys_721tx, Bawolff, El_Grafo, Dinoguy1000, jayvdb, Anomie, Masti, Alchimista, Steinsplitter, Rxy, Keegan, Legoktm
_______________________________________________ pywikibot-bugs mailing list pywikibot-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/pywikibot-bugs