Improve authentication management and timeouts

[gubuntu]

1. ERPNExt sessions don't last very long - I have to log in again every day or sometimes less. Why can't I choose to stay logged in and only have to re-authenticate once a month or so or when device changes?
2. Why does every ERPNext tab have to auth independently? If one tab is authenticated, I should be able to open multiple ERPNext tabs or linkw without having to log in again to each one
3. When a page is logge out there is no indication until you try to save or submit, then you discover the action is not allowed. A login prompt should appear immediately upon auth timing out
4. When a page's auth has expired or been logged out, there are too many frustrating steps to log in again. First, reload the page. Second, choose to log in again. Third, provide auth details to actually log in. This last actual login prompt should appear first to enable one action to log in rather than three

[nikkothari22]

I think there's something wrong with your setup because we never face this issue.

The session timeout can be configured in System Settings.

Multiple tabs do not need separate logins either since Frappe uses cookie based authentication.

I think points 3 and 4 will be non-issues if your setup doesn't log you out constantly.

[ankush]

• Setup higher session duration from system settings
• Disable blocking multiple sessions

These two should solve most of your problem. Most of the time it's small duration or only 1 allowed concurrent session that results in behavior you're facing. Single session makes sense only if you're using it from single computer at work, but if you access it from multiple browser (on same computer) or multiple devices then you should turn it off.