RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: add docs about remember me duration (#2979) 

This documents disabling remember me.
pull/2977/head^2
James Elliott 2022-03-09 13:25:11 +11:00 committed by GitHub
parent 5d0b68ebea
commit 337dd61468
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/configuration/session/index.md
View File

@ -135,7 +135,7 @@ required: no
</div>
The time in [duration notation format](../index.md#duration-notation-format) the cookie expires and the session is
destroyed when the remember me box is checked.
destroyed when the remember me box is checked. Setting this to `-1` disables this feature entirely.
## Security

2
internal/handlers/handler_firstfactor.go
View File

@ -92,7 +92,7 @@ func FirstFactorPost(delayFunc middlewares.TimingAttackDelayFunc) middlewares.Re
}
// Check if bodyJSON.KeepMeLoggedIn can be deref'd and derive the value based on the configuration and JSON data.
keepMeLoggedIn := ctx.Providers.SessionProvider.RememberMe != 0 && bodyJSON.KeepMeLoggedIn != nil && *bodyJSON.KeepMeLoggedIn
keepMeLoggedIn := ctx.Providers.SessionProvider.RememberMe != -1 && bodyJSON.KeepMeLoggedIn != nil && *bodyJSON.KeepMeLoggedIn
// Set the cookie to expire if remember me is enabled and the user has asked us to.
if keepMeLoggedIn {