@alex80332 Yes this is the case, they need to login each time they visit the site, their login session is only valid until the browser tab is closed.
Keep in mind that this approach depends on the session storage to maintain the login state, people who know what they’re doing can copy the session item, and use it again, so it’s highly recommended not to use this method with any secret content, or you can put the content behind the login state, meaning that you only load your content after the authentication is succeeded.