It may be due to my configuration and that is why I post it here.
I have set up home assistant on a server at home. I do not have public IP and connect to the world through VPN. On VPN server I have httpd service that redirects me to my home server. Virtual host configured on Apache as per this instruction:
Everything seems to be working but … Every time i refresh web page home assistant returns to login screen. No big issue. I can live with that. But I noticed that list of active access tokens becomes longer and longer. After a day I may have 10-20 more. They do not disappear. After several weeks I may have hundreds.
May be this related with the fact that I missconfigured something?
Is there any setting that allows control of token activity time? If that could be set to, let us say, 24 hours that would be sufficient.
How are tokens stored? Is there a way to maybe set up cron job and delete all of them at midnight.