I’ve noticed that the possibility to update user settings and passwords times out after x minutes. However, the session cookie is still valid, so that in my understanding the user would still be logged in.
If this is correct, how should one direct the user flow? Kratos tells him to log in another time, even though he is still logged in.
I only tested this in a very easy development setup, so I might be missing something. But it looked pretty weird to me.
Thanks already for the replies!