TYPO3 Core

The re-login popup dialog has conceptual drawbacks, and I opt for removing it as its usefulness has been decreased in the past years.

The re-login works as this: An AJAX request is done every 60 seconds. If the session timeout is less than 60 seconds, then a popup is shown to re-enter their credentials to stay logged in. This is useful when writing longer texts and unsaved changes should be kept.

• When using an external login provider (OAuth, SSO, OpenID connect) is used, the re-login concept does not work (that's why there is a global ! option to disable the popup)
• When working with multiple tabs, and the editor jumps back to the tab when the session timeout is over, the new session does not keep the existing values either
• Custom login providers cannot be used in conjunction with this dialog
• The AJAX polling of 60 seconds is rather a bummer, as we should rather use "push" functionality when the login is about to expire
• Various places in TYPO3 Backend code try to allow such "AJAX polling" calls and build up the form without any useful rendering of such a dialog

In the past years, we also mitigated this issue by setting the session lifetime of backend users from 2h to 8h (= 1 workday) so editors should not see this dialog that often anymore.