diff --git a/devdocs/todo.txt b/devdocs/todo.txt
index 270b04bf..a4a4dcb7 100644
--- a/devdocs/todo.txt
+++ b/devdocs/todo.txt
@@ -16,39 +16,16 @@ SERVER - DO ALL THE THINGS!!!! - all the way down to DOCS MANUAL below which isn't urgent and go back to client stuff - - - LOOK INTO JWT issues?? - - potentially lots of issues, look into it as using them kind of mindlessly right now. - It could be simply that people are attempting to do other things I am not but to be safe read the criticism and see if any of it applies: - http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ - https://stackoverflow.com/questions/27301557/if-you-can-decode-jwt-how-are-they-secure/27301616#27301616 - https://news.ycombinator.com/item?id=14292223 - https://news.ycombinator.com/item?id=18804875 - - - - Add tests to ensure security of JWT - - https://assets.pentesterlab.com/jwt_security_cheatsheet/jwt_security_cheatsheet.pdf - - https://gist.github.com/ejcx/cbf2e1bb75b02c7d77bc1cfcf84a167e - - DONE Test for expired token - - . Wrong key / credentials rejected (ISS?) - - Test truncated signature portion (3rd part) - - Test signature transpose bytes - - Test with no or wrong algorithm ensure won't accept - - Test inactive user can't login - - - - +- WTF is this shit when logging is set to normal: + 2019-01-16 16:13:03.4808|WARN|Microsoft.EntityFrameworkCore.Query|Query: '(from Widget _4 in DbSet select [_4]).Skip(__p_1).Take(__p_2)' uses a row limiting operation (Skip/Take) without OrderBy which may lead to unpredictable results. + 2019-01-16 16:13:03.6455|WARN|Microsoft.EntityFrameworkCore.Query|Query: '(from Widget _4 in DbSet select [_4]).Skip(__p_1).Take(__p_2)' uses a row limiting operation (Skip/Take) without OrderBy which may lead to unpredictable results. 
- UPDATE: Update all 3rd party libs in use with server and re-test - It's been a while, some of the modules date to last fall - Test on OPS server - - WTF is this shit when logging is set to normal: - 2019-01-16 16:13:03.4808|WARN|Microsoft.EntityFrameworkCore.Query|Query: '(from Widget _4 in DbSet select [_4]).Skip(__p_1).Take(__p_2)' uses a row limiting operation (Skip/Take) without OrderBy which may lead to unpredictable results. - 2019-01-16 16:13:03.6455|WARN|Microsoft.EntityFrameworkCore.Query|Query: '(from Widget _4 in DbSet select [_4]).Skip(__p_1).Take(__p_2)' uses a row limiting operation (Skip/Take) without OrderBy which may lead to unpredictable results. - + =-=-=-=-=-=- diff --git a/docs/8.0/ayanova/docs/ops-config-jwt-secret.md b/docs/8.0/ayanova/docs/ops-config-jwt-secret.md index a0ca8c9a..1c10eb33 100644 --- a/docs/8.0/ayanova/docs/ops-config-jwt-secret.md +++ b/docs/8.0/ayanova/docs/ops-config-jwt-secret.md 
@@ -5,10 +5,12 @@ AyaNova uses JSON Web Tokens (JWT) for authentication. These time limited tokens are signed by the server using a secret key and issued to users when they log in to the AyaNova server. Every time the user makes a request to the server the JWT is sent along as well and verified to be valid. -Tokens have a built in expiry mechanism to force users to re-login at periodic intervals in the range of days to weeks. +Tokens have a built in expiry mechanism of 7 days from issue to force users to re-login at periodic intervals. Users can be prevented from logging in even if they have a valid token by setting them to inactive. +All active tokens previously issued can be invalidated by changing this JWT Secret setting and restarting the server (or restarting the server and allowing it to choose a new secret value randomly if none is specified). + ## Default If no secret key is specified the server will generate a new, random one each time it starts and this means that remote users who previously authenticated will need to login freshly if the server is restarted. diff --git a/server/AyaNova/Controllers/AuthController.cs b/server/AyaNova/Controllers/AuthController.cs index 03c5f16a..92480783 100644 --- a/server/AyaNova/Controllers/AuthController.cs +++ b/server/AyaNova/Controllers/AuthController.cs @@ -28,6 +28,7 @@ namespace AyaNova.Api.Controllers private readonly IConfiguration _configuration; private readonly ApiServerState serverState; private readonly IMetrics metrics; + private const int JWT_LIFETIME_DAYS=7; /// /// ctor @@ -71,7 +72,7 @@ namespace AyaNova.Api.Controllers } int nFailedAuthDelay = 10000; - + #if (DEBUG) nFailedAuthDelay = 1; 
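Review bot: The new constant in the AuthController.cs `@@ -28,6 +28,7 @@` hunk, `JWT_LIFETIME_DAYS`, uses SCREAMING_CASE and omits the spaces around `=`, which breaks with the PascalCase convention C# uses for constants and with the spacing of the surrounding field declarations; `private const int JwtLifetimeDays = 7;` would match. Since the docs page changed in this same commit now states "7 days from issue" as a fixed fact, a short comment on the constant such as `// token lifetime; keep in sync with docs/ops-config-jwt-secret.md` would help the next person who changes one without the other. The class body continues outside the hunk.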
@@ -185,7 +186,7 @@ namespace AyaNova.Api.Controllers //create a new datetime offset of now in utc time var iat = new DateTimeOffset(DateTime.Now.ToUniversalTime(), TimeSpan.Zero);//timespan zero means zero time off utc / specifying this is a UTC datetime - var exp = new DateTimeOffset(DateTime.Now.AddDays(30).ToUniversalTime(), TimeSpan.Zero); + var exp = new DateTimeOffset(DateTime.Now.AddDays(JWT_LIFETIME_DAYS).ToUniversalTime(), TimeSpan.Zero); var payload = new Dictionary() { diff --git a/server/AyaNova/Program.cs b/server/AyaNova/Program.cs index 9e554dae..ed4d0ea8 100644 --- a/server/AyaNova/Program.cs +++ b/server/AyaNova/Program.cs @@ -108,6 +108,10 @@ namespace AyaNova var logRuleFilterOutMicrosoftEfCoreDbUpdateExceptions = new LoggingRule("Microsoft.EntityFrameworkCore.DbUpdateException", NLog.LogLevel.Trace, NLog.LogLevel.Error, nullTarget); logRuleFilterOutMicrosoftEfCoreDbUpdateExceptions.Final = true; + //this rule is only intended to filter out this incorrect exception: + //2019-01-16 16:13:03.4808|WARN|Microsoft.EntityFrameworkCore.Query|Query: '(from Widget _4 in DbSet select [_4]).Skip(__p_1).Take(__p_2)' uses a row limiting operation (Skip/Take) without OrderBy which may lead to unpredictable results. + var logRuleFilterOutMicrosoftEfCoreQueryExceptions = new LoggingRule("Microsoft.EntityFrameworkCore.Query", NLog.LogLevel.Trace, NLog.LogLevel.Error, nullTarget); + logRuleFilterOutMicrosoftEfCoreQueryExceptions.Final = true; //Log all other regular items at selected level @@ -127,6 +131,7 @@ namespace AyaNova logConfig.LoggingRules.Add(logRuleFilterOutMicrosoftEfCoreConcurrencyExceptions); logConfig.LoggingRules.Add(logRuleFilterOutMicrosoftEfCoreCommandExceptions); logConfig.LoggingRules.Add(logRuleFilterOutMicrosoftEfCoreDbUpdateExceptions); + logConfig.LoggingRules.Add(logRuleFilterOutMicrosoftEfCoreQueryExceptions); } logConfig.LoggingRules.Add(logRuleAyaNovaItems);
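Review bot: `exp` on the added line is computed from a second `DateTime.Now` read and is converted to UTC only after `AddDays`, so it is not exactly `iat` plus the configured lifetime: the two clock reads differ by some ticks, and when a DST transition falls inside the window the local-time `AddDays` followed by `ToUniversalTime()` shifts the expiry by an hour relative to `iat`. Deriving the expiry from the already-UTC `iat` keeps the two claims consistent and removes the local-time round trip: `var exp = iat.AddDays(JWT_LIFETIME_DAYS);`. The enclosing method starts and ends outside the hunk.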
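Review bot: The new `logRuleFilterOutMicrosoftEfCoreQueryExceptions` rule in the Program.cs `@@ -108,6 +108,10 @@` hunk routes everything from `Microsoft.EntityFrameworkCore.Query` between Trace and Error to `nullTarget` with `Final = true`, so it silences not just the one Skip/Take warning quoted in the comment but every query error that logger emits, which removes useful diagnostic signal; the `@@ -127,6 +131,7 @@` hunk registers that same rule. The comment also calls the message an "incorrect exception" although it is an EF Core warning, and one that is usually justified: Skip/Take without OrderBy yields nondeterministic paging, so the durable fix is an explicit ordering on the paged query rather than suppressing the log. If the filter is kept, narrowing it to the warning level keeps errors visible: `new LoggingRule("Microsoft.EntityFrameworkCore.Query", NLog.LogLevel.Warn, NLog.LogLevel.Warn, nullTarget)`, with the comment reworded to `//suppresses the EF Core "Skip/Take without OrderBy" warning; errors from this logger still flow`.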