Redirect to Login Page on Session Expiration #1604

New Issue

Open

opened 2026-02-05 01:23:55 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2026-02-05 01:23:55 +03:00

Owner

Copy Link

Originally created by @EHLO1 on GitHub (Mar 20, 2020).

Describe the bug
Might not be a bug! If it's not, we can make this a feature request?

I have the following configured in the .env:
SESSION_LIFETIME=120
SESSION_COOKIE_NAME=bookstack_session
SESSION_SECURE_COOKIE=true

Those settings work great, however, when a user's session expires, nothing happens. As an example, a user is writing a page, locks their computer and leaves for the day, then returns the next day to the same screen. They continue typing, but the moment they hit save or navigate anywhere else, THEN they get returned to the login page.

Steps To Reproduce
Steps to reproduce the behavior:

1. Configure the session settings in .env
2. Login and wait for the session to expire.
3. Notice that nothing has changed.
4. Try to navigate anywhere and then get returned to the login page.

Expected behavior
When a user's session expires, they should be returned to the login page.

Your Configuration (please complete the following information):

• Exact BookStack Version (Found in settings): v0.28.2
• PHP Version: 7.3.14
• Hosting Method (Nginx/Apache/Docker): Linuxserver.io Docker Container (Nginx)

If this issue should be taken up with Linuxserver.io, I will post it there instead. Thanks for any assistance you can provide!

Originally created by @EHLO1 on GitHub (Mar 20, 2020). **Describe the bug** Might not be a bug! If it's not, we can make this a feature request? I have the following configured in the .env: SESSION_LIFETIME=120 SESSION_COOKIE_NAME=bookstack_session SESSION_SECURE_COOKIE=true Those settings work great, however, when a user's session expires, nothing happens. As an example, a user is writing a page, locks their computer and leaves for the day, then returns the next day to the same screen. They continue typing, but the moment they hit save or navigate anywhere else, THEN they get returned to the login page. **Steps To Reproduce** Steps to reproduce the behavior: 1. Configure the session settings in .env 2. Login and wait for the session to expire. 3. Notice that nothing has changed. 4. Try to navigate anywhere and then get returned to the login page. **Expected behavior** When a user's session expires, they should be returned to the login page. **Your Configuration (please complete the following information):** - Exact BookStack Version (Found in settings): v0.28.2 - PHP Version: 7.3.14 - Hosting Method (Nginx/Apache/Docker): Linuxserver.io Docker Container (Nginx) If this issue should be taken up with Linuxserver.io, I will post it there instead. Thanks for any assistance you can provide!

OVERLORD commented 2026-02-05 01:23:59 +03:00

Author

Owner

Copy Link

@dopyrory3 commented on GitHub (Mar 24, 2020):

+1 I've deployed Bookstack in my organisation, really would be good to either notify users of session expiration or redirect to the login page.
The current method of handling it by not handling it is frustrating for a lot of people in my experience using this project

@dopyrory3 commented on GitHub (Mar 24, 2020): +1 I've deployed Bookstack in my organisation, really would be good to either notify users of session expiration or redirect to the login page. The current method of handling it by not handling it is frustrating for a lot of people in my experience using this project

OVERLORD commented 2026-02-05 01:24:01 +03:00

Author

Owner

Copy Link

@EHLO1 commented on GitHub (Mar 30, 2020):

I did a bit of reading on Laravel. Doesn't look like it's quite as straight forward as I thought. Apparently there are complications with multiple tabs being open.

An alternative could be to use JS to check last user activity and then post some sort of pop-up message after a period of inactivity letting them know they need to login again, and that they should save (or copy) their data. Is something like this more plausible?

@EHLO1 commented on GitHub (Mar 30, 2020): I did a bit of reading on Laravel. Doesn't look like it's quite as straight forward as I thought. Apparently there are complications with multiple tabs being open. An alternative could be to use JS to check last user activity and then post some sort of pop-up message after a period of inactivity letting them know they need to login again, and that they should save (or copy) their data. Is something like this more plausible?

OVERLORD referenced this issue 2026-02-05 01:32:11 +03:00

Adding Book Name to the Title - SEO #1657

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

release

v25-12

l10n_development

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.6

v25.12.5

v25.12.4

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#1604