What is SessionTimeout in appsettings.json?

[NonLinearThoughts]

I have seen in appsettings.json in the SealWebServer some user session attributes like SessionTimeout which are usually defined at the web server level (for example in the web.config). Is the authentication cookie and ultimately the user session managed by the Seal or by the web server? It would seem very strange for a web application to reinvent the wheel and not rely on ready-made functionality that a web server provides anyway. So I guess the Seal is passing the SessionTimeout information to the web server and it doesn't issue its own session cookies neither watch when the time out expires.

[ariacom]

yes SessionTimeout gives actually the duration of the user session: if the user does not do any request for this duration, the session is dropped. The implementation comes from the migration from .Net Framework to .Net Core (long time ago), it could be updated with the last .NetCore features.