Skip to main content
Documentation & User Guides | Fotoware

FotoWeb session handling

On the Login and Sessions page, you can manage how a user logs in to a session. 

From the Tools menu (cogwheel icon) go to Site Configuration Security > Login and Sessions
 

login_and_sessions.png

 

Enter a username or email address in the Search field to find a specific user.  Details for the user are displayed underneath. 

To end the session for the selected user, select Terminate

 

Login

You can select when and if a user must accept Terms and Conditions when logging in. 

Enter a Terms and Conditions in the text box.

 

Passwords

Select one or both of the following: 

Enforce password policy - Enter values in the Policy Regex and Validation help text fields.

Enable "Forgot Passord?" - Select this option to display a Forgot Password? link when logging in

 

Default Interface

Select Take users directly to Pro Interface if available to always open the Pro Interface for the selected user.

 

Session timeout

User sessions time out after a configurable amount of time of inactivity, even if a user has FotoWeb browser tabs open. This prevents potential abuse of open user sessions when users leave their workplace without logging out. 

You can allow users to choose to stay permanently signed in, also known as a persistent login. This means that when a user logs in, FotoWeb will set a permanent cookie in the user's browser so that they are 'remembered' when returning to the site. Unless the user manually signs out, they will be able to open FotoWeb in their browser and be automatically authenticated and signed in. If you turn off this option, the session will time out according to the session timeout interval set below.

When a user chooses to stay signed in, they remain signed in on the device even if inactive and regardless of the session timeout setting. However, unless the user has open browser windows, the user's session will disappear from the session list on the server after the session timeout, which will allow the user to log in on other devices.

Enabling persistent logins

  1. From the Tools menu (cogwheel icon) go to Site Configuration > Security > Login and Sessions. 
  2. In the Session timeout section, turn on the  Allow users to stay signed in (persistent login) toggle.
  3. In the Session timeout field, enter the number of minutes for which users remain logged in which inactive.
  4. Select Save.