Author: M8R-udfkkf
Description:
For the API Login, it would be nice if there was a modifiable session time limit.
For example, a parameter lgsessionlimit=300
would mean that the sessionid would be valid for only 700 minutes (seconds would be silly).
This would be primarily a security enhancement and make session hijacking more difficult if a bot op forgot (or couldn't) logout.
Version: unspecified
Severity: enhancement
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=35220