Before reporting an issue

• I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

authentication

Describe the bug

Disabling the "remember me" switch in realm setting does not invalidate existing user sessions created with "remember me" selected. Sessions created while the "remember me" switch was enabled continue to use their extended lifetime.

Version

main

Regression

• The issue is a regression

Expected behavior

User sessions created with "remember me" enabled should be invalidate when "remember me" is disabled in realm settings.

Actual behavior

User sessions created with "remember me" enabled are still valid when "remember me" is disabled in realm settings.

How to Reproduce?

• Enable "remember me" in realm settings
• Login in account console checking the "remember me" checkbox
• Disable "remember me" in realm settings
• Refresh the account console, the session is still valid

Anything else?

No response