It all depends on the application in my mind. If it is a banking app or something, then yeah the session should expire (probably faster than 2.5 hours IMO). If its a useless game or some trivial social app, then the standard is to leave the user always logged in.
-- gs On Wed, Mar 26, 2014 at 9:05 AM, Chris Wood <[email protected]> wrote: > >>> On 3/25/14, 3:55 PM, David Skinner wrote: > >>>> Hey everyone, > >>>> > >>>> We have a platform written in PHP. Our company has outsourced > development > >>>> of a mobile app. > .... > >>>> > >>>> Standing on my soap box here, I feel that we are being directed by > them to > >>>> change our system to make this little app work, where it seems it > should be > >>>> the other way around. They are our client. We are paying them. Why > can't > >>>> they use our API? Should they change their system to handle our system > >>>> responses better? Especially ones that state the session is expired? > At one > >>>> point they literally responded via email that their app has "...no > way to > >>>> have the user go to the login screen in the app if the session > expires". > >>>> > >>>> Surely changing our sessions to never expire can't be the right > >>>> solution...? Am I missing something here? > >>>> > >>>> Does anyone have any thoughts on this? > >>>> > >>>> Any comment is much appreciated. :) > > This sounds to me like an issue of dollars. They may have been paid a > flat fee to do the project and now for them to make modifications to > fix bugs the cost may come out of their pocket and that may be why > they are pushing back. If they can avoid more dev time on the > project, they preserve their profit margin. It could also be the > person that did the work for them is not longer available to fix the > bugs. This has the smell of politics and responsibility shifting to > avoid the work. > > _______________________________________________ > > UPHPU mailing list > [email protected] > http://uphpu.org/mailman/listinfo/uphpu > IRC: #uphpu on irc.freenode.net > _______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
