What is different absoluteAuthTimeout and authTimeout

$absoluteAuthTimeout public property

The number of seconds in which the user will be logged out automatically regardless of activity. Note that this will not work if $enableAutoLogin is true.


integer $absoluteAuthTimeout = null

$authTimeout public property

The number of seconds in which the user will be logged out automatically if he remains inactive. If this property is not set, the user will be logged out after the current session expires (c.f. yii\web\Session::$timeout). Note that this will not work if $enableAutoLogin is true.


integer $authTimeout = null

What is different ?

$absoluteAuthTimeout public property

The number of seconds in which the user will be logged out automatically regardless of activity.

$authTimeout public property

The number of seconds in which the user will be logged out automatically if he remains inactive.

The first, if set, will logout the user even if is actively browsing the site when reach the timeout.

The second the timeout reset when the user actively use the application (browse, request content via ajax…), so the user is logged out only when inactive for the time setted.

Example:

I set $authTimeout to 60 min and $absoluteAuthTimeout to 360 min.

This means that the user will be logged out if INACTIVE for 60 min but he/she will be logged out anyway after 360 min since the login start.

As side note, is a nonsense set authTimeout>absoluteAuthTimeout because authTimeout limit will never be reached in any case.

Thanks, i see now