I’m currently trying to open a Jupyterhub instance deployed in my organization HPC cluster wide open on the internet. The final security requirement I have to answer is that users should be automatically logged out if they are inactive for more than say 10 minutes.
I’ve searched a bit for a solution to this, but did not find anything yet:
- https://github.com/jupyterhub/jupyterhub/issues/1459 : in 2017, this was obviously not possible.
How to force re-login for users : the
cookie_max_age_daysconfig value is not having any effect on the started Jupyterlab, only on the jupyterhub pages, as stated on the discussion. Plus, I’m not sure if it takes into account only inactivity or if it ends up the session no matter what.
Is there any other solution?
Does the spawned notebook periodically checks with the hub if authentication is still valid?
Is it possible to implement something like this somewhere?
Thanks in advance,