[MISC] Update durations to notation format and housekeeping (#824)

* added regulation validator * made regulations find_time and ban_time values duration notation strings * added DefaultRegulationConfiguration for the validator * made session expiration and inactivity values duration notation strings * TOTP period does not need to be converted because adjustment should be discouraged * moved TOTP defaults to DefaultTOTPConfiguration and removed the consts * arranged the root config validator in configuration file order * adjusted tests for the changes * moved duration notation docs to root of configuration * added references to duration notation where applicable * project wide gofmt and goimports: * run gofmt * run goimports -local github.com/authelia/authelia -w on all files * Make jwt_secret error uniform and add tests * now at 100% coverage for internal/configuration/validator/configuration.go
2020-04-05 22:37:21 +10:00 · 2020-04-05 22:37:21 +10:00 · 8aade7f40e
parent 9800421b88
commit 8aade7f40e
93 changed files with 514 additions and 262 deletions
--- a/cmd/authelia-scripts/cmd_bootstrap.go
+++ b/cmd/authelia-scripts/cmd_bootstrap.go
@ -8,8 +8,9 @@ import (
 	"os/exec"
 	"strings"

-	"github.com/authelia/authelia/internal/utils"
 	"github.com/spf13/cobra"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 // HostEntry represents an entry in /etc/hosts
--- a/cmd/authelia-scripts/cmd_build.go
+++ b/cmd/authelia-scripts/cmd_build.go
@ -3,9 +3,10 @@ package main
 import (
 	"os"

-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 func buildAutheliaBinary() {
--- a/cmd/authelia-scripts/cmd_ci.go
+++ b/cmd/authelia-scripts/cmd_ci.go
@ -1,9 +1,10 @@
 package main

 import (
-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 const dockerPullCommandLine = "docker-compose -p authelia -f internal/suites/docker-compose.yml " +
--- a/cmd/authelia-scripts/cmd_docker.go
+++ b/cmd/authelia-scripts/cmd_docker.go
@ -7,9 +7,10 @@ import (
 	"regexp"
 	"strings"

-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 var arch string
--- a/cmd/authelia-scripts/cmd_serve.go
+++ b/cmd/authelia-scripts/cmd_serve.go
@ -3,9 +3,10 @@ package main
 import (
 	"os"

-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 // ServeCmd serve authelia with the provided configuration
--- a/cmd/authelia-scripts/cmd_suites.go
+++ b/cmd/authelia-scripts/cmd_suites.go
@ -11,10 +11,11 @@ import (
 	"syscall"
 	"time"

-	"github.com/authelia/authelia/internal/suites"
-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+
+	"github.com/authelia/authelia/internal/suites"
+	"github.com/authelia/authelia/internal/utils"
 )

 // ErrNotAvailableSuite error raised when suite is not available.
--- a/cmd/authelia-scripts/cmd_unittest.go
+++ b/cmd/authelia-scripts/cmd_unittest.go
@ -1,10 +1,12 @@
 package main

 import (
-	"github.com/authelia/authelia/internal/utils"
+	"os"
+
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
-	"os"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 // RunUnitTest run the unit tests
--- a/cmd/authelia-scripts/main.go
+++ b/cmd/authelia-scripts/main.go
@ -3,10 +3,11 @@
 package main

 import (
-	"github.com/authelia/authelia/internal/commands"
-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+
+	"github.com/authelia/authelia/internal/commands"
+	"github.com/authelia/authelia/internal/utils"
 )

 var logLevel string
--- a/cmd/authelia-suites/main.go
+++ b/cmd/authelia-suites/main.go
@ -5,11 +5,12 @@ import (
 	"os"
 	"path/filepath"

-	"github.com/authelia/authelia/internal/suites"
-	"github.com/authelia/authelia/internal/utils"
 	"github.com/otiai10/copy"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+
+	"github.com/authelia/authelia/internal/suites"
+	"github.com/authelia/authelia/internal/utils"
 )

 var tmpDirectory = "/tmp/authelia/suites/"
--- a/cmd/authelia/main.go
+++ b/cmd/authelia/main.go
@ -6,6 +6,9 @@ import (
 	"log"
 	"os"

+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+
 	"github.com/authelia/authelia/internal/authentication"
 	"github.com/authelia/authelia/internal/authorization"
 	"github.com/authelia/authelia/internal/commands"
@ -18,8 +21,6 @@ import (
 	"github.com/authelia/authelia/internal/session"
 	"github.com/authelia/authelia/internal/storage"
 	"github.com/authelia/authelia/internal/utils"
-	"github.com/sirupsen/logrus"
-	"github.com/spf13/cobra"
 )

 var configPathFlag string
@ -50,7 +51,6 @@ func startServer() {
 	case "debug":
 		logging.Logger().Info("Logging severity set to debug")
 		logging.SetLevel(logrus.DebugLevel)
-		break
 	case "trace":
 		logging.Logger().Info("Logging severity set to trace")
 		logging.SetLevel(logrus.TraceLevel)
--- a/config.template.yml
+++ b/config.template.yml
@ -262,14 +262,14 @@ session:
  secret: insecure_session_secret

  # The time in seconds before the cookie expires and session is reset.
-  expiration: 3600 # 1 hour
+  expiration: 1h

  # The inactivity time in seconds before the session is reset.
-  inactivity: 300 # 5 minutes
+  inactivity: 5m

  # The remember me duration.
  # Value of 0 disables remember me.
-  # Value is in seconds, or duration notation. See: https://docs.authelia.com/configuration/session.html#duration-notation
+  # Value is in seconds, or duration notation. See: https://docs.authelia.com/configuration/index.html#duration-notation-format
  # Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to spy
  # or attack. Currently the default is 1M or 1 month.
  remember_me_duration: 1M
@ -300,10 +300,12 @@ regulation:

  # The time range during which the user can attempt login before being banned.
  # The user is banned if the authentication failed 'max_retries' times in a 'find_time' seconds window.
-  find_time: 120
+  # Find Time accepts duration notation. See: https://docs.authelia.com/configuration/index.html#duration-notation-format
+  find_time: 2m

  # The length of time before a banned user can login again.
-  ban_time: 300
+  # Ban Time accepts duration notation. See: https://docs.authelia.com/configuration/index.html#duration-notation-format
+  ban_time: 5m

 # Configuration of the storage backend used to store data and secrets.
 #
--- a/docs/configuration/index.md
+++ b/docs/configuration/index.md
@ -14,3 +14,27 @@ When running **Authelia**, you can specify your configuration by passing
 the file path as shown below.

    $ authelia --config config.custom.yml
+    
+## Duration Notation Format
+
+We have implemented a string based notation for configuration options that take a duration. This section describes its
+usage. You can use this implementation in: session for expiration, inactivity, and remember_me_duration; and regulation 
+for ban_time, and find_time. This notation also supports just providing the number of seconds instead.
+ 
+The notation is comprised of a number which must be positive and not have leading zeros, followed by a letter
+denoting the unit of time measurement. The table below describes the units of time and the associated letter.
+
+|Unit   |Associated Letter|
+|:-----:|:---------------:|
+|Years  |y                |
+|Months |M                |
+|Weeks  |w                |
+|Days   |d                |
+|Hours  |h                |
+|Minutes|m                |
+|Seconds|s                |
+
+Examples:
+* 1 hour and 30 minutes: 90m
+* 1 day: 1d
+* 10 hours: 10h
--- a/docs/configuration/regulation.md
+++ b/docs/configuration/regulation.md
@ -20,8 +20,15 @@ regulation:

    # The time range during which the user can attempt login before being banned.
    # The user is banned if the authentication failed `max_retries` times in a `find_time` seconds window.
-    find_time: 120
+    # Find Time accepts duration notation. See: https://docs.authelia.com/configuration/index.html#duration-notation-format
+    find_time: 2m

    # The length of time before a banned user can sign in again.
-    ban_time: 300
-```
+    # Find Time accepts duration notation. See: https://docs.authelia.com/configuration/index.html#duration-notation-format
+    ban_time: 5m
+```
+
+### Duration Notation
+
+The configuration parameters find_time, and ban_time use duration notation. See the documentation
+for [duration notation format](index.md#duration-notation-format) for more information.
--- a/docs/configuration/session.md
+++ b/docs/configuration/session.md
@ -27,14 +27,14 @@ session:
  secret: unsecure_session_secret

  # The time in seconds before the cookie expires and session is reset.
-  expiration: 3600 # 1 hour
+  expiration: 1h

  # The inactivity time in seconds before the session is reset.
-  inactivity: 300 # 5 minutes
+  inactivity: 5m

  # The remember me duration.
  # Value of 0 disables remember me.
-  # Value is in seconds, or duration notation. See: https://docs.authelia.com/configuration/session.html#duration-notation
+  # Value is in seconds, or duration notation. See: https://docs.authelia.com/configuration/index.html#duration-notation-format
  # Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to spy
  # or attack. Currently the default is 1M or 1 month.
  remember_me_duration:  1M
@ -57,28 +57,7 @@ session:
 Configuration of this section has an impact on security. You should read notes in
 [security measures](../security/measures.md#session-security) for more information.

-# Duration Notation
+### Duration Notation

-We have implemented a string based notation for configuration options that take a duration. This section describes its
-usage.
-
-**NOTE:** At the time of this writing, only remember_me_duration uses this value type. But we plan to change expiration
-and inactivity.
- 
-The notation is comprised of a number which must be positive and not have leading zeros, followed by a letter
-denoting the unit of time measurement. The table below describes the units of time and the associated letter.
-
-|Unit   |Associated Letter|
-|:-----:|:---------------:|
-|Years  |y                |
-|Months |M                |
-|Weeks  |w                |
-|Days   |d                |
-|Hours  |h                |
-|Minutes|m                |
-|Seconds|s                |
-
-Examples:
-* 1 hour and 30 minutes: 90m
-* 1 day: 1d
-* 10 hours: 10h
+The configuration parameters expiration, inactivity, and remember_me_duration use duration notation. See the documentation
+for [duration notation format](index.md#duration-notation-format) for more information.
--- a/internal/authentication/file_user_provider.go
+++ b/internal/authentication/file_user_provider.go
@ -8,8 +8,9 @@ import (
 	"sync"

 	"github.com/asaskevich/govalidator"
-	"github.com/authelia/authelia/internal/configuration/schema"
 	"gopkg.in/yaml.v2"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 // FileUserProvider is a provider reading details from a file.
--- a/internal/authentication/file_user_provider_test.go
+++ b/internal/authentication/file_user_provider_test.go
@ -7,8 +7,9 @@ import (
 	"strings"
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/stretchr/testify/assert"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 func WithDatabase(content []byte, f func(path string)) {
--- a/internal/authentication/ldap_connection_factory_mock.go
+++ b/internal/authentication/ldap_connection_factory_mock.go
@ -6,9 +6,10 @@ package authentication

 import (
 	tls "crypto/tls"
+	reflect "reflect"
+
 	ldap_v3 "github.com/go-ldap/ldap/v3"
 	gomock "github.com/golang/mock/gomock"
-	reflect "reflect"
 )

 // MockLDAPConnection is a mock of LDAPConnection interface
--- a/internal/authentication/ldap_user_provider.go
+++ b/internal/authentication/ldap_user_provider.go
@ -6,9 +6,10 @@ import (
 	"net/url"
 	"strings"

+	"github.com/go-ldap/ldap/v3"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/logging"
-	"github.com/go-ldap/ldap/v3"
 )

 // LDAPUserProvider is a provider using a LDAP or AD as a user database.
--- a/internal/authentication/ldap_user_provider_test.go
+++ b/internal/authentication/ldap_user_provider_test.go
@ -3,11 +3,12 @@ package authentication
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/go-ldap/ldap/v3"
 	gomock "github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 func TestShouldCreateRawConnectionWhenSchemeIsLDAP(t *testing.T) {
--- a/internal/authentication/password_hash.go
+++ b/internal/authentication/password_hash.go
@ -6,8 +6,9 @@ import (
 	"strconv"
 	"strings"

-	"github.com/authelia/authelia/internal/utils"
 	"github.com/simia-tech/crypt"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 // PasswordHash represents all characteristics of a password hash.
--- a/internal/authentication/password_hash_test.go
+++ b/internal/authentication/password_hash_test.go
@ -4,11 +4,12 @@ import (
 	"fmt"
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
-	"github.com/authelia/authelia/internal/utils"
 	"github.com/simia-tech/crypt"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
+	"github.com/authelia/authelia/internal/utils"
 )

 func TestShouldHashSHA512Password(t *testing.T) {
--- a/internal/commands/hash.go
+++ b/internal/commands/hash.go
@ -3,9 +3,10 @@ package commands
 import (
 	"fmt"

+	"github.com/spf13/cobra"
+
 	"github.com/authelia/authelia/internal/authentication"
 	"github.com/authelia/authelia/internal/configuration/schema"
-	"github.com/spf13/cobra"
 )

 func init() {
--- a/internal/commands/migration.go
+++ b/internal/commands/migration.go
@ -4,9 +4,10 @@ import (
 	"encoding/base64"
 	"strings"

+	"github.com/spf13/cobra"
+
 	"github.com/authelia/authelia/internal/configuration"
 	"github.com/authelia/authelia/internal/storage"
-	"github.com/spf13/cobra"
 )

 var MigrateCmd *cobra.Command
--- a/internal/commands/migration_local.go
+++ b/internal/commands/migration_local.go
@ -8,9 +8,10 @@ import (
 	"path"
 	"time"

+	"github.com/spf13/cobra"
+
 	"github.com/authelia/authelia/internal/models"
 	"github.com/authelia/authelia/internal/storage"
-	"github.com/spf13/cobra"
 )

 var configurationPath string
--- a/internal/commands/migration_mongo.go
+++ b/internal/commands/migration_mongo.go
@ -5,12 +5,13 @@ import (
 	"log"
 	"time"

-	"github.com/authelia/authelia/internal/models"
-	"github.com/authelia/authelia/internal/storage"
 	"github.com/spf13/cobra"
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
+
+	"github.com/authelia/authelia/internal/models"
+	"github.com/authelia/authelia/internal/storage"
 )

 var mongoURL string
--- a/internal/configuration/reader.go
+++ b/internal/configuration/reader.go
@ -4,9 +4,10 @@ import (
 	"fmt"
 	"strings"

+	"github.com/spf13/viper"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/configuration/validator"
-	"github.com/spf13/viper"
 )

 func check(e error) {
--- a/internal/configuration/schema/regulation.go
+++ b/internal/configuration/schema/regulation.go
@ -2,7 +2,13 @@ package schema

 // RegulationConfiguration represents the configuration related to regulation.
 type RegulationConfiguration struct {
-	MaxRetries int   `mapstructure:"max_retries"`
-	FindTime   int64 `mapstructure:"find_time"`
-	BanTime    int64 `mapstructure:"ban_time"`
+	MaxRetries int    `mapstructure:"max_retries"`
+	FindTime   string `mapstructure:"find_time"`
+	BanTime    string `mapstructure:"ban_time"`
+}
+
+var DefaultRegulationConfiguration = RegulationConfiguration{
+	MaxRetries: 3,
+	FindTime:   "2m",
+	BanTime:    "5m",
 }
--- a/internal/configuration/schema/session.go
+++ b/internal/configuration/schema/session.go
@ -10,11 +10,10 @@ type RedisSessionConfiguration struct {

 // SessionConfiguration represents the configuration related to user sessions.
 type SessionConfiguration struct {
-	// TODO(james-d-elliott): Convert to duration notation (Both Expiration and Activity need to be strings, and default needs to be changed)
 	Name               string                     `mapstructure:"name"`
 	Secret             string                     `mapstructure:"secret"`
-	Expiration         int64                      `mapstructure:"expiration"` // Expiration in seconds
-	Inactivity         int64                      `mapstructure:"inactivity"` // Inactivity in seconds
+	Expiration         string                     `mapstructure:"expiration"`
+	Inactivity         string                     `mapstructure:"inactivity"`
 	RememberMeDuration string                     `mapstructure:"remember_me_duration"`
 	Domain             string                     `mapstructure:"domain"`
 	Redis              *RedisSessionConfiguration `mapstructure:"redis"`
@ -23,6 +22,7 @@ type SessionConfiguration struct {
 // DefaultSessionConfiguration is the default session configuration
 var DefaultSessionConfiguration = SessionConfiguration{
 	Name:               "authelia_session",
-	Expiration:         3600,
+	Expiration:         "1h",
+	Inactivity:         "5m",
 	RememberMeDuration: "1M",
 }
--- a/internal/configuration/schema/totp.go
+++ b/internal/configuration/schema/totp.go
@ -6,3 +6,10 @@ type TOTPConfiguration struct {
 	Period int    `mapstructure:"period"`
 	Skew   *int   `mapstructure:"skew"`
 }
+
+var defaultOtpSkew = 1
+var DefaultTOTPConfiguration = TOTPConfiguration{
+	Issuer: "Authelia",
+	Period: 30,
+	Skew:   &defaultOtpSkew,
+}
--- a/internal/configuration/validator/authentication_test.go
+++ b/internal/configuration/validator/authentication_test.go
@ -3,10 +3,11 @@ package validator
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 func TestShouldRaiseErrorsWhenNoBackendProvided(t *testing.T) {
--- a/internal/configuration/validator/configuration.go
+++ b/internal/configuration/validator/configuration.go
@ -20,16 +20,20 @@ func Validate(configuration *schema.Configuration, validator *schema.StructValid
 		configuration.Port = defaultPort
 	}

-	if configuration.LogLevel == "" {
-		configuration.LogLevel = defaultLogLevel
-	}
-
 	if configuration.TLSKey != "" && configuration.TLSCert == "" {
 		validator.Push(fmt.Errorf("No TLS certificate provided, please check the \"tls_cert\" which has been configured"))
 	} else if configuration.TLSKey == "" && configuration.TLSCert != "" {
 		validator.Push(fmt.Errorf("No TLS key provided, please check the \"tls_key\" which has been configured"))
 	}

+	if configuration.LogLevel == "" {
+		configuration.LogLevel = defaultLogLevel
+	}
+
+	if configuration.JWTSecret == "" {
+		validator.Push(fmt.Errorf("Provide a JWT secret using \"jwt_secret\" key"))
+	}
+
 	if configuration.DefaultRedirectionURL != "" {
 		_, err := url.ParseRequestURI(configuration.DefaultRedirectionURL)
 		if err != nil {
@ -37,27 +41,29 @@ func Validate(configuration *schema.Configuration, validator *schema.StructValid
 		}
 	}

-	if configuration.JWTSecret == "" {
-		validator.Push(fmt.Errorf("Provide a JWT secret using `jwt_secret` key"))
-	}
-
-	ValidateAuthenticationBackend(&configuration.AuthenticationBackend, validator)
-	ValidateSession(&configuration.Session, validator)
-
 	if configuration.TOTP == nil {
 		configuration.TOTP = &schema.TOTPConfiguration{}
 	}
 	ValidateTOTP(configuration.TOTP, validator)

+	ValidateAuthenticationBackend(&configuration.AuthenticationBackend, validator)
+
+	if configuration.AccessControl.DefaultPolicy == "" {
+		configuration.AccessControl.DefaultPolicy = "deny"
+	}
+
+	ValidateSession(&configuration.Session, validator)
+
+	if configuration.Regulation == nil {
+		configuration.Regulation = &schema.RegulationConfiguration{}
+	}
+	ValidateRegulation(configuration.Regulation, validator)
+
+	ValidateStorage(configuration.Storage, validator)
+
 	if configuration.Notifier == nil {
 		validator.Push(fmt.Errorf("A notifier configuration must be provided"))
 	} else {
 		ValidateNotifier(configuration.Notifier, validator)
 	}
-
-	if configuration.AccessControl.DefaultPolicy == "" {
-		configuration.AccessControl.DefaultPolicy = "deny"
-	}
-
-	ValidateStorage(configuration.Storage, validator)
 }
--- a/internal/configuration/validator/configuration_test.go
+++ b/internal/configuration/validator/configuration_test.go
@ -3,9 +3,10 @@ package validator
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 func newDefaultConfig() schema.Configuration {
@ -129,3 +130,23 @@ func TestShouldNotRaiseErrorWhenBothTLSCertificateAndKeyAreProvided(t *testing.T
 	Validate(&config, validator)
 	require.Len(t, validator.Errors(), 0)
 }
+
+func TestShouldRaiseErrorWithUndefinedJWTSecretKey(t *testing.T) {
+	validator := schema.NewStructValidator()
+	config := newDefaultConfig()
+	config.JWTSecret = ""
+
+	Validate(&config, validator)
+	require.Len(t, validator.Errors(), 1)
+	assert.EqualError(t, validator.Errors()[0], "Provide a JWT secret using \"jwt_secret\" key")
+}
+
+func TestShouldRaiseErrorWithBadDefaultRedirectionURL(t *testing.T) {
+	validator := schema.NewStructValidator()
+	config := newDefaultConfig()
+	config.DefaultRedirectionURL = "abc"
+
+	Validate(&config, validator)
+	require.Len(t, validator.Errors(), 1)
+	assert.EqualError(t, validator.Errors()[0], "Unable to parse default redirection url")
+}
--- a/internal/configuration/validator/notifier.go
+++ b/internal/configuration/validator/notifier.go
@ -1,8 +1,10 @@
 package validator

-import "github.com/authelia/authelia/internal/configuration/schema"
+import (
+	"fmt"

-import "fmt"
+	"github.com/authelia/authelia/internal/configuration/schema"
+)

 // ValidateSession validates and update session configuration.
 func ValidateNotifier(configuration *schema.NotifierConfiguration, validator *schema.StructValidator) {
--- a/internal/configuration/validator/notifier_test.go
+++ b/internal/configuration/validator/notifier_test.go
@ -3,8 +3,9 @@ package validator
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 type NotifierSuite struct {
--- a/internal/configuration/validator/regulation.go
+++ b/internal/configuration/validator/regulation.go
@ -0,0 +1,30 @@
+package validator
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
+	"github.com/authelia/authelia/internal/utils"
+)
+
+// ValidateSession validates and update session configuration.
+func ValidateRegulation(configuration *schema.RegulationConfiguration, validator *schema.StructValidator) {
+	if configuration.FindTime == "" {
+		configuration.FindTime = schema.DefaultRegulationConfiguration.FindTime // 2 min
+	}
+	if configuration.BanTime == "" {
+		configuration.BanTime = schema.DefaultRegulationConfiguration.BanTime // 5 min
+	}
+	findTime, err := utils.ParseDurationString(configuration.FindTime)
+	if err != nil {
+		validator.Push(errors.New(fmt.Sprintf("Error occurred parsing regulation find_time string: %s", err)))
+	}
+	banTime, err := utils.ParseDurationString(configuration.BanTime)
+	if err != nil {
+		validator.Push(errors.New(fmt.Sprintf("Error occurred parsing regulation ban_time string: %s", err)))
+	}
+	if findTime > banTime {
+		validator.Push(errors.New(fmt.Sprintf("find_time cannot be greater than ban_time")))
+	}
+}
--- a/internal/configuration/validator/regulation_test.go
+++ b/internal/configuration/validator/regulation_test.go
@ -0,0 +1,45 @@
+package validator
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
+)
+
+func newDefaultRegulationConfig() schema.RegulationConfiguration {
+	config := schema.RegulationConfiguration{}
+	return config
+}
+
+func TestShouldSetDefaultRegulationBanTime(t *testing.T) {
+	validator := schema.NewStructValidator()
+	config := newDefaultRegulationConfig()
+
+	ValidateRegulation(&config, validator)
+
+	assert.Len(t, validator.Errors(), 0)
+	assert.Equal(t, schema.DefaultRegulationConfiguration.BanTime, config.BanTime)
+}
+
+func TestShouldSetDefaultRegulationFindTime(t *testing.T) {
+	validator := schema.NewStructValidator()
+	config := newDefaultRegulationConfig()
+
+	ValidateRegulation(&config, validator)
+
+	assert.Len(t, validator.Errors(), 0)
+	assert.Equal(t, schema.DefaultRegulationConfiguration.FindTime, config.FindTime)
+}
+
+func TestShouldRaiseErrorWhenFindTimeLessThanBanTime(t *testing.T) {
+	validator := schema.NewStructValidator()
+	config := newDefaultRegulationConfig()
+	config.FindTime = "1m"
+	config.BanTime = "10s"
+	ValidateRegulation(&config, validator)
+
+	assert.Len(t, validator.Errors(), 1)
+	assert.EqualError(t, validator.Errors()[0], "find_time cannot be greater than ban_time")
+}
--- a/internal/configuration/validator/session.go
+++ b/internal/configuration/validator/session.go
@ -3,6 +3,7 @@ package validator
 import (
 	"errors"
 	"fmt"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/utils"
 )
@ -17,24 +18,22 @@ func ValidateSession(configuration *schema.SessionConfiguration, validator *sche
 		validator.Push(errors.New("Set secret of the session object"))
 	}

-	// TODO(james-d-elliott): Convert to duration notation
-	if configuration.Expiration == 0 {
+	if configuration.Expiration == "" {
 		configuration.Expiration = schema.DefaultSessionConfiguration.Expiration // 1 hour
-	} else if configuration.Expiration < 1 {
-		validator.Push(errors.New("Set expiration of the session above 0"))
+	} else if _, err := utils.ParseDurationString(configuration.Expiration); err != nil {
+		validator.Push(errors.New(fmt.Sprintf("Error occurred parsing session expiration string: %s", err)))
 	}

-	// TODO(james-d-elliott): Convert to duration notation
-	if configuration.Inactivity < 0 {
-		validator.Push(errors.New("Set inactivity of the session to 0 or above"))
+	if configuration.Inactivity == "" {
+		configuration.Inactivity = schema.DefaultSessionConfiguration.Inactivity // 5 min
+	} else if _, err := utils.ParseDurationString(configuration.Inactivity); err != nil {
+		validator.Push(errors.New(fmt.Sprintf("Error occurred parsing session inactivity string: %s", err)))
 	}

 	if configuration.RememberMeDuration == "" {
-		configuration.RememberMeDuration = schema.DefaultSessionConfiguration.RememberMeDuration
-	} else {
-		if _, err := utils.ParseDurationString(configuration.RememberMeDuration); err != nil {
-			validator.Push(errors.New(fmt.Sprintf("Error occurred parsing remember_me_duration string: %s", err)))
-		}
+		configuration.RememberMeDuration = schema.DefaultSessionConfiguration.RememberMeDuration // 1 month
+	} else if _, err := utils.ParseDurationString(configuration.RememberMeDuration); err != nil {
+		validator.Push(errors.New(fmt.Sprintf("Error occurred parsing session remember_me_duration string: %s", err)))
 	}

 	if configuration.Domain == "" {
--- a/internal/configuration/validator/session_test.go
+++ b/internal/configuration/validator/session_test.go
@ -3,8 +3,9 @@ package validator
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/stretchr/testify/assert"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 func newDefaultSessionConfig() schema.SessionConfiguration {
@ -21,7 +22,27 @@ func TestShouldSetDefaultSessionName(t *testing.T) {
 	ValidateSession(&config, validator)

 	assert.Len(t, validator.Errors(), 0)
-	assert.Equal(t, "authelia_session", config.Name)
+	assert.Equal(t, schema.DefaultSessionConfiguration.Name, config.Name)
+}
+
+func TestShouldSetDefaultSessionInactivity(t *testing.T) {
+	validator := schema.NewStructValidator()
+	config := newDefaultSessionConfig()
+
+	ValidateSession(&config, validator)
+
+	assert.Len(t, validator.Errors(), 0)
+	assert.Equal(t, schema.DefaultSessionConfiguration.Inactivity, config.Inactivity)
+}
+
+func TestShouldSetDefaultSessionExpiration(t *testing.T) {
+	validator := schema.NewStructValidator()
+	config := newDefaultSessionConfig()
+
+	ValidateSession(&config, validator)
+
+	assert.Len(t, validator.Errors(), 0)
+	assert.Equal(t, schema.DefaultSessionConfiguration.Expiration, config.Expiration)
 }

 func TestShouldRaiseErrorWhenRedisIsUsedAndPasswordNotSet(t *testing.T) {
@ -57,14 +78,14 @@ func TestShouldRaiseErrorWhenDomainNotSet(t *testing.T) {
 func TestShouldRaiseErrorWhenBadInactivityAndExpirationSet(t *testing.T) {
 	validator := schema.NewStructValidator()
 	config := newDefaultSessionConfig()
-	config.Inactivity = -1
-	config.Expiration = -1
+	config.Inactivity = "-1"
+	config.Expiration = "-1"

 	ValidateSession(&config, validator)

 	assert.Len(t, validator.Errors(), 2)
-	assert.EqualError(t, validator.Errors()[0], "Set expiration of the session above 0")
-	assert.EqualError(t, validator.Errors()[1], "Set inactivity of the session to 0 or above")
+	assert.EqualError(t, validator.Errors()[0], "Error occurred parsing session expiration string: could not convert the input string of -1 into a duration")
+	assert.EqualError(t, validator.Errors()[1], "Error occurred parsing session inactivity string: could not convert the input string of -1 into a duration")
 }

 func TestShouldRaiseErrorWhenBadRememberMeDurationSet(t *testing.T) {
@ -75,7 +96,7 @@ func TestShouldRaiseErrorWhenBadRememberMeDurationSet(t *testing.T) {
 	ValidateSession(&config, validator)

 	assert.Len(t, validator.Errors(), 1)
-	assert.EqualError(t, validator.Errors()[0], "Error occurred parsing remember_me_duration string: could not convert the input string of 1 year into a duration")
+	assert.EqualError(t, validator.Errors()[0], "Error occurred parsing session remember_me_duration string: could not convert the input string of 1 year into a duration")
 }

 func TestShouldSetDefaultRememberMeDuration(t *testing.T) {
--- a/internal/configuration/validator/storage_test.go
+++ b/internal/configuration/validator/storage_test.go
@ -3,8 +3,9 @@ package validator
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 type StorageSuite struct {
--- a/internal/configuration/validator/totp.go
+++ b/internal/configuration/validator/totp.go
@ -2,27 +2,23 @@ package validator

 import (
 	"fmt"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 )

-const defaultTOTPIssuer = "Authelia"
-const DefaultTOTPPeriod = 30
-const DefaultTOTPSkew = 1
-
 // ValidateTOTP validates and update TOTP configuration.
 func ValidateTOTP(configuration *schema.TOTPConfiguration, validator *schema.StructValidator) {
 	if configuration.Issuer == "" {
-		configuration.Issuer = defaultTOTPIssuer
+		configuration.Issuer = schema.DefaultTOTPConfiguration.Issuer
 	}
 	if configuration.Period == 0 {
-		configuration.Period = DefaultTOTPPeriod
+		configuration.Period = schema.DefaultTOTPConfiguration.Period
 	} else if configuration.Period < 0 {
 		validator.Push(fmt.Errorf("TOTP Period must be 1 or more"))
 	}

 	if configuration.Skew == nil {
-		var skew = DefaultTOTPSkew
-		configuration.Skew = &skew
+		configuration.Skew = schema.DefaultTOTPConfiguration.Skew
 	} else if *configuration.Skew < 0 {
 		validator.Push(fmt.Errorf("TOTP Skew must be 0 or more"))
 	}
--- a/internal/configuration/validator/totp_test.go
+++ b/internal/configuration/validator/totp_test.go
@ -3,9 +3,10 @@ package validator
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
 )

 func TestShouldSetDefaultTOTPValues(t *testing.T) {
@ -16,8 +17,8 @@ func TestShouldSetDefaultTOTPValues(t *testing.T) {

 	require.Len(t, validator.Errors(), 0)
 	assert.Equal(t, "Authelia", config.Issuer)
-	assert.Equal(t, DefaultTOTPSkew, *config.Skew)
-	assert.Equal(t, DefaultTOTPPeriod, config.Period)
+	assert.Equal(t, *schema.DefaultTOTPConfiguration.Skew, *config.Skew)
+	assert.Equal(t, schema.DefaultTOTPConfiguration.Period, config.Period)
 }

 func TestShouldRaiseErrorWhenInvalidTOTPMinimumValues(t *testing.T) {
--- a/internal/duo/duo.go
+++ b/internal/duo/duo.go
@ -4,7 +4,7 @@ import (
 	"encoding/json"
 	"net/url"

-	"github.com/duosecurity/duo_api_golang"
+	duoapi "github.com/duosecurity/duo_api_golang"

 	"github.com/authelia/authelia/internal/middlewares"
 )
--- a/internal/duo/types.go
+++ b/internal/duo/types.go
@ -3,9 +3,10 @@ package duo
 import (
 	"net/url"

+	duoapi "github.com/duosecurity/duo_api_golang"
+
 	"github.com/authelia/authelia/internal/middlewares"
 )
-import "github.com/duosecurity/duo_api_golang"

 // API interface wrapping duo api library for testing purpose
 type API interface {
--- a/internal/handlers/handler_configuration_test.go
+++ b/internal/handlers/handler_configuration_test.go
@ -1,11 +1,13 @@
 package handlers

 import (
+	"testing"
+
+	"github.com/stretchr/testify/suite"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/mocks"
 	"github.com/authelia/authelia/internal/session"
-	"github.com/stretchr/testify/suite"
-	"testing"
 )

 type ConfigurationSuite struct {
--- a/internal/handlers/handler_extended_configuration_test.go
+++ b/internal/handlers/handler_extended_configuration_test.go
@ -3,12 +3,11 @@ package handlers
 import (
 	"testing"

+	"github.com/stretchr/testify/suite"
+
 	"github.com/authelia/authelia/internal/authorization"
 	"github.com/authelia/authelia/internal/configuration/schema"
-	"github.com/authelia/authelia/internal/configuration/validator"
 	"github.com/authelia/authelia/internal/mocks"
-
-	"github.com/stretchr/testify/suite"
 )

 type SecondFactorAvailableMethodsFixture struct {
@ -31,13 +30,13 @@ func (s *SecondFactorAvailableMethodsFixture) TearDownTest() {
 func (s *SecondFactorAvailableMethodsFixture) TestShouldServeDefaultMethods() {
 	s.mock.Ctx.Configuration = schema.Configuration{
 		TOTP: &schema.TOTPConfiguration{
-			Period: validator.DefaultTOTPPeriod,
+			Period: schema.DefaultTOTPConfiguration.Period,
 		},
 	}
 	expectedBody := ExtendedConfigurationBody{
 		AvailableMethods:    []string{"totp", "u2f"},
 		SecondFactorEnabled: false,
-		TOTPPeriod:          validator.DefaultTOTPPeriod,
+		TOTPPeriod:          schema.DefaultTOTPConfiguration.Period,
 	}
 	ExtendedConfigurationGet(s.mock.Ctx)
 	s.mock.Assert200OK(s.T(), expectedBody)
@ -47,13 +46,13 @@ func (s *SecondFactorAvailableMethodsFixture) TestShouldServeDefaultMethodsAndMo
 	s.mock.Ctx.Configuration = schema.Configuration{
 		DuoAPI: &schema.DuoAPIConfiguration{},
 		TOTP: &schema.TOTPConfiguration{
-			Period: validator.DefaultTOTPPeriod,
+			Period: schema.DefaultTOTPConfiguration.Period,
 		},
 	}
 	expectedBody := ExtendedConfigurationBody{
 		AvailableMethods:    []string{"totp", "u2f", "mobile_push"},
 		SecondFactorEnabled: false,
-		TOTPPeriod:          validator.DefaultTOTPPeriod,
+		TOTPPeriod:          schema.DefaultTOTPConfiguration.Period,
 	}
 	ExtendedConfigurationGet(s.mock.Ctx)
 	s.mock.Assert200OK(s.T(), expectedBody)
@ -62,7 +61,7 @@ func (s *SecondFactorAvailableMethodsFixture) TestShouldServeDefaultMethodsAndMo
 func (s *SecondFactorAvailableMethodsFixture) TestShouldCheckSecondFactorIsDisabledWhenNoRuleIsSetToTwoFactor() {
 	s.mock.Ctx.Configuration = schema.Configuration{
 		TOTP: &schema.TOTPConfiguration{
-			Period: validator.DefaultTOTPPeriod,
+			Period: schema.DefaultTOTPConfiguration.Period,
 		},
 	}
 	s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer(schema.AccessControlConfiguration{
@ -86,14 +85,14 @@ func (s *SecondFactorAvailableMethodsFixture) TestShouldCheckSecondFactorIsDisab
 	s.mock.Assert200OK(s.T(), ExtendedConfigurationBody{
 		AvailableMethods:    []string{"totp", "u2f"},
 		SecondFactorEnabled: false,
-		TOTPPeriod:          validator.DefaultTOTPPeriod,
+		TOTPPeriod:          schema.DefaultTOTPConfiguration.Period,
 	})
 }

 func (s *SecondFactorAvailableMethodsFixture) TestShouldCheckSecondFactorIsEnabledWhenDefaultPolicySetToTwoFactor() {
 	s.mock.Ctx.Configuration = schema.Configuration{
 		TOTP: &schema.TOTPConfiguration{
-			Period: validator.DefaultTOTPPeriod,
+			Period: schema.DefaultTOTPConfiguration.Period,
 		},
 	}
 	s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer(schema.AccessControlConfiguration{
@ -117,14 +116,14 @@ func (s *SecondFactorAvailableMethodsFixture) TestShouldCheckSecondFactorIsEnabl
 	s.mock.Assert200OK(s.T(), ExtendedConfigurationBody{
 		AvailableMethods:    []string{"totp", "u2f"},
 		SecondFactorEnabled: true,
-		TOTPPeriod:          validator.DefaultTOTPPeriod,
+		TOTPPeriod:          schema.DefaultTOTPConfiguration.Period,
 	})
 }

 func (s *SecondFactorAvailableMethodsFixture) TestShouldCheckSecondFactorIsEnabledWhenSomePolicySetToTwoFactor() {
 	s.mock.Ctx.Configuration = schema.Configuration{
 		TOTP: &schema.TOTPConfiguration{
-			Period: validator.DefaultTOTPPeriod,
+			Period: schema.DefaultTOTPConfiguration.Period,
 		},
 	}
 	s.mock.Ctx.Providers.Authorizer = authorization.NewAuthorizer(schema.AccessControlConfiguration{
@ -148,7 +147,7 @@ func (s *SecondFactorAvailableMethodsFixture) TestShouldCheckSecondFactorIsEnabl
 	s.mock.Assert200OK(s.T(), ExtendedConfigurationBody{
 		AvailableMethods:    []string{"totp", "u2f"},
 		SecondFactorEnabled: true,
-		TOTPPeriod:          validator.DefaultTOTPPeriod,
+		TOTPPeriod:          schema.DefaultTOTPConfiguration.Period,
 	})
 }

--- a/internal/handlers/handler_firstfactor_test.go
+++ b/internal/handlers/handler_firstfactor_test.go
@ -9,11 +9,12 @@ import (
 	"github.com/authelia/authelia/internal/mocks"
 	"github.com/authelia/authelia/internal/models"

-	"github.com/authelia/authelia/internal/authentication"
 	"github.com/golang/mock/gomock"
 	"github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/authentication"
 )

 type FirstFactorSuite struct {
--- a/internal/handlers/handler_register_totp.go
+++ b/internal/handlers/handler_register_totp.go
@ -3,9 +3,10 @@ package handlers
 import (
 	"fmt"

+	"github.com/pquerna/otp/totp"
+
 	"github.com/authelia/authelia/internal/middlewares"
 	"github.com/authelia/authelia/internal/session"
-	"github.com/pquerna/otp/totp"
 )

 // identityRetrieverFromSession retriever computing the identity from the cookie session.
--- a/internal/handlers/handler_register_u2f_step1.go
+++ b/internal/handlers/handler_register_u2f_step1.go
@ -3,8 +3,9 @@ package handlers
 import (
 	"fmt"

-	"github.com/authelia/authelia/internal/middlewares"
 	"github.com/tstranex/u2f"
+
+	"github.com/authelia/authelia/internal/middlewares"
 )

 var u2fConfig = &u2f.Config{
--- a/internal/handlers/handler_register_u2f_step1_test.go
+++ b/internal/handlers/handler_register_u2f_step1_test.go
@ -5,12 +5,13 @@ import (
 	"testing"
 	"time"

-	"github.com/authelia/authelia/internal/middlewares"
-	"github.com/authelia/authelia/internal/mocks"
 	"github.com/dgrijalva/jwt-go"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/middlewares"
+	"github.com/authelia/authelia/internal/mocks"
 )

 type HandlerRegisterU2FStep1Suite struct {
--- a/internal/handlers/handler_register_u2f_step2.go
+++ b/internal/handlers/handler_register_u2f_step2.go
@ -4,8 +4,9 @@ import (
 	"crypto/elliptic"
 	"fmt"

-	"github.com/authelia/authelia/internal/middlewares"
 	"github.com/tstranex/u2f"
+
+	"github.com/authelia/authelia/internal/middlewares"
 )

 // SecondFactorU2FRegister handler validating the client has successfully validated the challenge
--- a/internal/handlers/handler_sign_duo_test.go
+++ b/internal/handlers/handler_sign_duo_test.go
@ -7,11 +7,12 @@ import (
 	"regexp"
 	"testing"

-	"github.com/authelia/authelia/internal/duo"
-	"github.com/authelia/authelia/internal/mocks"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/duo"
+	"github.com/authelia/authelia/internal/mocks"
 )

 type SecondFactorDuoPostSuite struct {
--- a/internal/handlers/handler_sign_totp_test.go
+++ b/internal/handlers/handler_sign_totp_test.go
@ -5,11 +5,12 @@ import (
 	"regexp"
 	"testing"

-	"github.com/authelia/authelia/internal/mocks"
-	"github.com/authelia/authelia/internal/session"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/suite"
 	"github.com/tstranex/u2f"
+
+	"github.com/authelia/authelia/internal/mocks"
+	"github.com/authelia/authelia/internal/session"
 )

 type HandlerSignTOTPSuite struct {
--- a/internal/handlers/handler_sign_u2f_step1.go
+++ b/internal/handlers/handler_sign_u2f_step1.go
@ -4,10 +4,11 @@ import (
 	"crypto/elliptic"
 	"fmt"

+	"github.com/tstranex/u2f"
+
 	"github.com/authelia/authelia/internal/middlewares"
 	"github.com/authelia/authelia/internal/session"
 	"github.com/authelia/authelia/internal/storage"
-	"github.com/tstranex/u2f"
 )

 // SecondFactorU2FSignGet handler for initiating a signing request.
--- a/internal/handlers/handler_sign_u2f_step1_test.go
+++ b/internal/handlers/handler_sign_u2f_step1_test.go
@ -3,9 +3,10 @@ package handlers
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/mocks"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/mocks"
 )

 type HandlerSignU2FStep1Suite struct {
--- a/internal/handlers/handler_sign_u2f_step2_test.go
+++ b/internal/handlers/handler_sign_u2f_step2_test.go
@ -5,11 +5,12 @@ import (
 	"regexp"
 	"testing"

-	"github.com/authelia/authelia/internal/mocks"
-	"github.com/authelia/authelia/internal/session"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/suite"
 	"github.com/tstranex/u2f"
+
+	"github.com/authelia/authelia/internal/mocks"
+	"github.com/authelia/authelia/internal/session"
 )

 type HandlerSignU2FStep2Suite struct {
--- a/internal/handlers/handler_state_test.go
+++ b/internal/handlers/handler_state_test.go
@ -6,9 +6,10 @@ import (

 	"github.com/authelia/authelia/internal/mocks"

-	"github.com/authelia/authelia/internal/authentication"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/authentication"
 )

 type StateGetSuite struct {
--- a/internal/handlers/handler_user_info.go
+++ b/internal/handlers/handler_user_info.go
@ -5,11 +5,12 @@ import (
 	"strings"
 	"sync"

+	"github.com/sirupsen/logrus"
+
 	"github.com/authelia/authelia/internal/authentication"
 	"github.com/authelia/authelia/internal/middlewares"
 	"github.com/authelia/authelia/internal/storage"
 	"github.com/authelia/authelia/internal/utils"
-	"github.com/sirupsen/logrus"
 )

 func loadInfo(username string, storageProvider storage.Provider, preferences *UserPreferences, logger *logrus.Entry) []error {
--- a/internal/handlers/handler_verify.go
+++ b/internal/handlers/handler_verify.go
@ -8,10 +8,11 @@ import (
 	"strings"
 	"time"

+	"github.com/valyala/fasthttp"
+
 	"github.com/authelia/authelia/internal/authentication"
 	"github.com/authelia/authelia/internal/authorization"
 	"github.com/authelia/authelia/internal/middlewares"
-	"github.com/valyala/fasthttp"
 )

 func isURLUnderProtectedDomain(url *url.URL, domain string) bool {
@ -155,8 +156,7 @@ func setForwardedHeaders(headers *fasthttp.ResponseHeader, username string, grou
 // hasUserBeenInactiveLongEnough check whether the user has been inactive for too long.
 func hasUserBeenInactiveLongEnough(ctx *middlewares.AutheliaCtx) (bool, error) {

-	// TODO(james-d-elliott): Convert to duration notation
-	maxInactivityPeriod := ctx.Configuration.Session.Inactivity
+	maxInactivityPeriod := int64(ctx.Providers.SessionProvider.Inactivity.Seconds())
 	if maxInactivityPeriod == 0 {
 		return false, nil
 	}
--- a/internal/handlers/handler_verify_test.go
+++ b/internal/handlers/handler_verify_test.go
@ -7,14 +7,17 @@ import (
 	"testing"
 	"time"

-	"github.com/authelia/authelia/internal/authentication"
-	"github.com/authelia/authelia/internal/authorization"
-	"github.com/authelia/authelia/internal/configuration/schema"
-	"github.com/authelia/authelia/internal/mocks"
+	"github.com/authelia/authelia/internal/session"
+
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/authentication"
+	"github.com/authelia/authelia/internal/authorization"
+	"github.com/authelia/authelia/internal/configuration/schema"
+	"github.com/authelia/authelia/internal/mocks"
 )

 // Test getOriginalURL
@ -469,8 +472,38 @@ func TestShouldDestroySessionWhenInactiveForTooLong(t *testing.T) {
 	clock := mocks.TestingClock{}
 	clock.Set(time.Now())

-	// TODO(james-d-elliott): Convert to duration notation
-	mock.Ctx.Configuration.Session.Inactivity = 10
+	mock.Ctx.Configuration.Session.Inactivity = "10"
+	// Reload the session provider since the configuration is indirect
+	mock.Ctx.Providers.SessionProvider = session.NewProvider(mock.Ctx.Configuration.Session)
+	assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity)
+
+	userSession := mock.Ctx.GetSession()
+	userSession.Username = "john"
+	userSession.AuthenticationLevel = authentication.TwoFactor
+	userSession.LastActivity = clock.Now().Add(-1 * time.Hour).Unix()
+	mock.Ctx.SaveSession(userSession)
+
+	mock.Ctx.Request.Header.Set("X-Original-URL", "https://two-factor.example.com")
+
+	VerifyGet(mock.Ctx)
+
+	// The session has been destroyed
+	newUserSession := mock.Ctx.GetSession()
+	assert.Equal(t, "", newUserSession.Username)
+	assert.Equal(t, authentication.NotAuthenticated, newUserSession.AuthenticationLevel)
+}
+
+func TestShouldDestroySessionWhenInactiveForTooLongUsingDurationNotation(t *testing.T) {
+	mock := mocks.NewMockAutheliaCtx(t)
+	defer mock.Close()
+
+	clock := mocks.TestingClock{}
+	clock.Set(time.Now())
+
+	mock.Ctx.Configuration.Session.Inactivity = "10s"
+	// Reload the session provider since the configuration is indirect
+	mock.Ctx.Providers.SessionProvider = session.NewProvider(mock.Ctx.Configuration.Session)
+	assert.Equal(t, time.Second*10, mock.Ctx.Providers.SessionProvider.Inactivity)

 	userSession := mock.Ctx.GetSession()
 	userSession.Username = "john"
@ -495,8 +528,7 @@ func TestShouldKeepSessionWhenUserCheckedRememberMeAndIsInactiveForTooLong(t *te
 	clock := mocks.TestingClock{}
 	clock.Set(time.Now())

-	// TODO(james-d-elliott): Convert to duration notation
-	mock.Ctx.Configuration.Session.Inactivity = 10
+	mock.Ctx.Configuration.Session.Inactivity = "10"

 	userSession := mock.Ctx.GetSession()
 	userSession.Username = "john"
@ -522,8 +554,7 @@ func TestShouldKeepSessionWhenInactivityTimeoutHasNotBeenExceeded(t *testing.T)
 	clock := mocks.TestingClock{}
 	clock.Set(time.Now())

-	// TODO(james-d-elliott): Convert to duration notation
-	mock.Ctx.Configuration.Session.Inactivity = 10
+	mock.Ctx.Configuration.Session.Inactivity = "10"

 	userSession := mock.Ctx.GetSession()
 	userSession.Username = "john"
--- a/internal/handlers/totp.go
+++ b/internal/handlers/totp.go
@ -1,9 +1,10 @@
 package handlers

 import (
+	"time"
+
 	"github.com/pquerna/otp"
 	"github.com/pquerna/otp/totp"
-	"time"
 )

 type TOTPVerifier interface {
--- a/internal/handlers/totp_mock.go
+++ b/internal/handlers/totp_mock.go
@ -5,8 +5,9 @@
 package handlers

 import (
-	gomock "github.com/golang/mock/gomock"
 	reflect "reflect"
+
+	gomock "github.com/golang/mock/gomock"
 )

 // MockTOTPVerifier is a mock of TOTPVerifier interface
--- a/internal/handlers/types.go
+++ b/internal/handlers/types.go
@ -1,8 +1,9 @@
 package handlers

 import (
-	"github.com/authelia/authelia/internal/authentication"
 	"github.com/tstranex/u2f"
+
+	"github.com/authelia/authelia/internal/authentication"
 )

 // MethodList is the list of available methods.
--- a/internal/handlers/u2f_mock.go
+++ b/internal/handlers/u2f_mock.go
@ -5,9 +5,10 @@
 package handlers

 import (
+	reflect "reflect"
+
 	gomock "github.com/golang/mock/gomock"
 	u2f "github.com/tstranex/u2f"
-	reflect "reflect"
 )

 // MockU2FVerifier is a mock of U2FVerifier interface
--- a/internal/middlewares/authelia_context.go
+++ b/internal/middlewares/authelia_context.go
@ -7,11 +7,12 @@ import (
 	"strings"

 	"github.com/asaskevich/govalidator"
+	"github.com/sirupsen/logrus"
+	"github.com/valyala/fasthttp"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/session"
 	"github.com/authelia/authelia/internal/utils"
-	"github.com/sirupsen/logrus"
-	"github.com/valyala/fasthttp"
 )

 // NewRequestLogger create a new request logger for the given request.
--- a/internal/middlewares/authelia_context_test.go
+++ b/internal/middlewares/authelia_context_test.go
@ -5,12 +5,13 @@ import (

 	"github.com/authelia/authelia/internal/session"

-	"github.com/authelia/authelia/internal/configuration/schema"
-	"github.com/authelia/authelia/internal/middlewares"
-	"github.com/authelia/authelia/internal/mocks"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
 	"github.com/valyala/fasthttp"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
+	"github.com/authelia/authelia/internal/middlewares"
+	"github.com/authelia/authelia/internal/mocks"
 )

 func TestShouldCallNextWithAutheliaCtx(t *testing.T) {
--- a/internal/middlewares/identity_verification.go
+++ b/internal/middlewares/identity_verification.go
@ -6,8 +6,9 @@ import (
 	"fmt"
 	"time"

-	"github.com/authelia/authelia/internal/templates"
 	jwt "github.com/dgrijalva/jwt-go"
+
+	"github.com/authelia/authelia/internal/templates"
 )

 // IdentityVerificationStart the handler for initiating the identity validation process.
--- a/internal/middlewares/identity_verification_test.go
+++ b/internal/middlewares/identity_verification_test.go
@ -5,13 +5,14 @@ import (
 	"testing"
 	"time"

-	"github.com/authelia/authelia/internal/middlewares"
-	"github.com/authelia/authelia/internal/mocks"
-	"github.com/authelia/authelia/internal/session"
 	jwt "github.com/dgrijalva/jwt-go"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/middlewares"
+	"github.com/authelia/authelia/internal/mocks"
+	"github.com/authelia/authelia/internal/session"
 )

 func newArgs(retriever func(ctx *middlewares.AutheliaCtx) (*session.Identity, error)) middlewares.IdentityVerificationStartArgs {
--- a/internal/middlewares/types.go
+++ b/internal/middlewares/types.go
@ -1,6 +1,10 @@
 package middlewares

 import (
+	jwt "github.com/dgrijalva/jwt-go"
+	"github.com/sirupsen/logrus"
+	"github.com/valyala/fasthttp"
+
 	"github.com/authelia/authelia/internal/authentication"
 	"github.com/authelia/authelia/internal/authorization"
 	"github.com/authelia/authelia/internal/configuration/schema"
@ -9,9 +13,6 @@ import (
 	"github.com/authelia/authelia/internal/session"
 	"github.com/authelia/authelia/internal/storage"
 	"github.com/authelia/authelia/internal/utils"
-	jwt "github.com/dgrijalva/jwt-go"
-	"github.com/sirupsen/logrus"
-	"github.com/valyala/fasthttp"
 )

 // AutheliaCtx contains all server variables related to Authelia.
--- a/internal/mocks/mock_authelia_ctx.go
+++ b/internal/mocks/mock_authelia_ctx.go
@ -6,19 +6,21 @@ import (
 	"testing"
 	"time"

-	"github.com/authelia/authelia/internal/regulation"
-	"github.com/authelia/authelia/internal/storage"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

+	"github.com/authelia/authelia/internal/regulation"
+	"github.com/authelia/authelia/internal/storage"
+
+	"github.com/golang/mock/gomock"
+	"github.com/sirupsen/logrus"
+	"github.com/sirupsen/logrus/hooks/test"
+	"github.com/valyala/fasthttp"
+
 	"github.com/authelia/authelia/internal/authorization"
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/middlewares"
 	"github.com/authelia/authelia/internal/session"
-	"github.com/golang/mock/gomock"
-	"github.com/sirupsen/logrus"
-	"github.com/sirupsen/logrus/hooks/test"
-	"github.com/valyala/fasthttp"
 )

 // MockAutheliaCtx a mock of AutheliaCtx
--- a/internal/mocks/mock_duo_api.go
+++ b/internal/mocks/mock_duo_api.go
@ -8,9 +8,10 @@ import (
 	url "net/url"
 	reflect "reflect"

+	gomock "github.com/golang/mock/gomock"
+
 	duo "github.com/authelia/authelia/internal/duo"
 	"github.com/authelia/authelia/internal/middlewares"
-	gomock "github.com/golang/mock/gomock"
 )

 // MockAPI is a mock of API interface
--- a/internal/mocks/mock_user_provider.go
+++ b/internal/mocks/mock_user_provider.go
@ -7,8 +7,9 @@ package mocks
 import (
 	reflect "reflect"

-	authentication "github.com/authelia/authelia/internal/authentication"
 	gomock "github.com/golang/mock/gomock"
+
+	authentication "github.com/authelia/authelia/internal/authentication"
 )

 // MockUserProvider is a mock of UserProvider interface
--- a/internal/notification/notifier.go
+++ b/internal/notification/notifier.go
@ -2,5 +2,5 @@ package notification

 // Notifier interface for sending the identity verification link.
 type Notifier interface {
-	Send(recipient,  subject, body string) error
+	Send(recipient, subject, body string) error
 }
--- a/internal/notification/smtp_login_auth_test.go
+++ b/internal/notification/smtp_login_auth_test.go
@ -20,11 +20,11 @@ func TestFullLoginAuth(t *testing.T) {
 	auth := newLoginAuth(username, password, "mail.authelia.com")

 	proto, _, err := auth.Start(serverInfo)
-	assert.Equal(t,"LOGIN", proto)
+	assert.Equal(t, "LOGIN", proto)
 	require.NoError(t, err)

 	toServer, err := auth.Next([]byte("Username:"), true)
-	assert.Equal(t,[]byte(username), toServer)
+	assert.Equal(t, []byte(username), toServer)
 	require.NoError(t, err)

 	toServer, err = auth.Next([]byte("Password:"), true)
@ -32,7 +32,7 @@ func TestFullLoginAuth(t *testing.T) {
 	require.NoError(t, err)

 	toServer, err = auth.Next([]byte(nil), false)
-	assert.Equal(t,[]byte(nil), toServer)
+	assert.Equal(t, []byte(nil), toServer)
 	require.NoError(t, err)

 	toServer, err = auth.Next([]byte("test"), true)
@ -60,7 +60,7 @@ func TestTLSNotNeededForLocalhost(t *testing.T) {
 	auth := newLoginAuth("john", "strongpw123", "localhost")

 	proto, _, err := auth.Start(serverInfo)
-	assert.Equal(t,"LOGIN", proto)
+	assert.Equal(t, "LOGIN", proto)
 	require.NoError(t, err)
 }

@ -73,4 +73,4 @@ func TestTLSNeededForNonLocalhost(t *testing.T) {
 	auth := newLoginAuth("john", "strongpw123", "mail.authelia.com")
 	_, _, err := auth.Start(serverInfo)
 	assert.EqualError(t, err, "connection over plain-text")
-}
+}
--- a/internal/notification/smtp_notifier.go
+++ b/internal/notification/smtp_notifier.go
@ -9,9 +9,10 @@ import (
 	"net/smtp"
 	"strings"

+	log "github.com/sirupsen/logrus"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/utils"
-	log "github.com/sirupsen/logrus"
 )

 // SMTPNotifier a notifier to send emails to SMTP servers.
--- a/internal/regulation/regulator.go
+++ b/internal/regulation/regulator.go
@ -15,14 +15,24 @@ func NewRegulator(configuration *schema.RegulationConfiguration, provider storag
 	regulator := &Regulator{storageProvider: provider}
 	regulator.clock = clock
 	if configuration != nil {
-		if configuration.FindTime > configuration.BanTime {
+		findTime, err := utils.ParseDurationString(configuration.FindTime)
+		if err != nil {
+			panic(err)
+		}
+		banTime, err := utils.ParseDurationString(configuration.BanTime)
+		if err != nil {
+			panic(err)
+		}
+
+		if findTime > banTime {
 			panic(fmt.Errorf("find_time cannot be greater than ban_time"))
 		}
+
 		// Set regulator enabled only if MaxRetries is not 0.
 		regulator.enabled = configuration.MaxRetries > 0
 		regulator.maxRetries = configuration.MaxRetries
-		regulator.findTime = time.Duration(configuration.FindTime) * time.Second
-		regulator.banTime = time.Duration(configuration.BanTime) * time.Second
+		regulator.findTime = findTime
+		regulator.banTime = banTime
 	}
 	return regulator
 }
--- a/internal/regulation/regulator_test.go
+++ b/internal/regulation/regulator_test.go
@ -4,14 +4,15 @@ import (
 	"testing"
 	"time"

+	"github.com/golang/mock/gomock"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/suite"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/mocks"
 	"github.com/authelia/authelia/internal/models"
 	"github.com/authelia/authelia/internal/regulation"
 	"github.com/authelia/authelia/internal/storage"
-	"github.com/golang/mock/gomock"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/suite"
 )

 type RegulatorSuite struct {
@ -29,8 +30,8 @@ func (s *RegulatorSuite) SetupTest() {

 	s.configuration = schema.RegulationConfiguration{
 		MaxRetries: 3,
-		BanTime:    180,
-		FindTime:   30,
+		BanTime:    "180",
+		FindTime:   "30",
 	}
 	s.clock.Set(time.Now())
 }
@ -282,8 +283,8 @@ func (s *RegulatorSuite) TestShouldHaveRegulatorDisabled() {
 	// Check Disabled Functionality
 	configuration := schema.RegulationConfiguration{
 		MaxRetries: 0,
-		FindTime:   180,
-		BanTime:    180,
+		FindTime:   "180",
+		BanTime:    "180",
 	}

 	regulator := regulation.NewRegulator(&configuration, s.storageMock, &s.clock)
@ -293,8 +294,8 @@ func (s *RegulatorSuite) TestShouldHaveRegulatorDisabled() {
 	// Check Enabled Functionality
 	configuration = schema.RegulationConfiguration{
 		MaxRetries: 1,
-		FindTime:   180,
-		BanTime:    180,
+		FindTime:   "180",
+		BanTime:    "180",
 	}

 	regulator = regulation.NewRegulator(&configuration, s.storageMock, &s.clock)
--- a/internal/server/server.go
+++ b/internal/server/server.go
@ -5,14 +5,15 @@ import (
 	"os"
 	"path"

+	duoapi "github.com/duosecurity/duo_api_golang"
+	"github.com/fasthttp/router"
+	"github.com/valyala/fasthttp"
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/duo"
 	"github.com/authelia/authelia/internal/handlers"
 	"github.com/authelia/authelia/internal/logging"
 	"github.com/authelia/authelia/internal/middlewares"
-	duoapi "github.com/duosecurity/duo_api_golang"
-	"github.com/fasthttp/router"
-	"github.com/valyala/fasthttp"
 )

 // StartServer start Authelia server with the given configuration and providers.
--- a/internal/session/encrypting_serializer.go
+++ b/internal/session/encrypting_serializer.go
@ -4,8 +4,9 @@ import (
 	"crypto/sha256"
 	"fmt"

-	"github.com/authelia/authelia/internal/utils"
 	"github.com/fasthttp/session"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 // EncryptingSerializer a serializer encrypting the data with AES-GCM with 256-bit keys.
--- a/internal/session/mocks/mock_storer.go
+++ b/internal/session/mocks/mock_storer.go
@ -5,10 +5,11 @@
 package mock_session

 import (
-	session "github.com/fasthttp/session"
-	gomock "github.com/golang/mock/gomock"
 	reflect "reflect"
 	time "time"
+
+	session "github.com/fasthttp/session"
+	gomock "github.com/golang/mock/gomock"
 )

 // MockStorer is a mock of Storer interface
--- a/internal/session/provider.go
+++ b/internal/session/provider.go
@ -2,18 +2,20 @@ package session

 import (
 	"encoding/json"
-	"github.com/authelia/authelia/internal/utils"
 	"time"

-	"github.com/authelia/authelia/internal/configuration/schema"
 	fasthttpsession "github.com/fasthttp/session"
 	"github.com/valyala/fasthttp"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
+	"github.com/authelia/authelia/internal/utils"
 )

 // Provider a session provider.
 type Provider struct {
 	sessionHolder *fasthttpsession.Session
 	RememberMe    time.Duration
+	Inactivity    time.Duration
 }

 // NewProvider instantiate a session provider given a configuration.
@ -22,11 +24,19 @@ func NewProvider(configuration schema.SessionConfiguration) *Provider {

 	provider := new(Provider)
 	provider.sessionHolder = fasthttpsession.New(providerConfig.config)
+
 	duration, err := utils.ParseDurationString(configuration.RememberMeDuration)
 	if err != nil {
 		panic(err)
 	}
 	provider.RememberMe = duration
+
+	duration, err = utils.ParseDurationString(configuration.Inactivity)
+	if err != nil {
+		panic(err)
+	}
+	provider.Inactivity = duration
+
 	err = provider.sessionHolder.SetProvider(providerConfig.providerName, providerConfig.providerConfig)
 	if err != nil {
 		panic(err)
--- a/internal/session/provider_config.go
+++ b/internal/session/provider_config.go
@ -1,14 +1,13 @@
 package session

 import (
-	"time"
-
-	"github.com/valyala/fasthttp"
-
-	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/fasthttp/session"
 	"github.com/fasthttp/session/memory"
 	"github.com/fasthttp/session/redis"
+	"github.com/valyala/fasthttp"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
+	"github.com/authelia/authelia/internal/utils"
 )

 // NewProviderConfig creates a configuration for creating the session provider
@ -24,13 +23,8 @@ func NewProviderConfig(configuration schema.SessionConfiguration) ProviderConfig
 	// Only serve the header over HTTPS.
 	config.Secure = true

-	// TODO(james-d-elliott): Convert to duration notation
-	if configuration.Expiration > 0 {
-		config.Expires = time.Duration(configuration.Expiration) * time.Second
-	} else {
-		// If Expiration is 0 then cookie expiration is disabled.
-		config.Expires = 0
-	}
+	// Ignore the error as it will be handled by validator
+	config.Expires, _ = utils.ParseDurationString(configuration.Expiration)

 	// TODO(c.michaud): Make this configurable by giving the list of IPs that are trustable.
 	config.IsSecureFunc = func(*fasthttp.RequestCtx) bool {
--- a/internal/session/provider_config_test.go
+++ b/internal/session/provider_config_test.go
@ -5,13 +5,14 @@ import (
 	"testing"
 	"time"

-	"github.com/authelia/authelia/internal/configuration/schema"
-	"github.com/authelia/authelia/internal/utils"
 	"github.com/fasthttp/session"
 	"github.com/fasthttp/session/memory"
 	"github.com/fasthttp/session/redis"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/authelia/authelia/internal/configuration/schema"
+	"github.com/authelia/authelia/internal/utils"
 )

 func TestShouldCreateInMemorySessionProvider(t *testing.T) {
@ -19,8 +20,7 @@ func TestShouldCreateInMemorySessionProvider(t *testing.T) {
 	configuration := schema.SessionConfiguration{}
 	configuration.Domain = "example.com"
 	configuration.Name = "my_session"
-	// TODO(james-d-elliott): Convert to duration notation
-	configuration.Expiration = 40
+	configuration.Expiration = "40"
 	providerConfig := NewProviderConfig(configuration)

 	assert.Equal(t, "my_session", providerConfig.config.CookieName)
@ -38,8 +38,7 @@ func TestShouldCreateRedisSessionProvider(t *testing.T) {
 	configuration := schema.SessionConfiguration{}
 	configuration.Domain = "example.com"
 	configuration.Name = "my_session"
-	// TODO(james-d-elliott): Convert to duration notation
-	configuration.Expiration = 40
+	configuration.Expiration = "40"
 	configuration.Redis = &schema.RedisSessionConfiguration{
 		Host:     "redis.example.com",
 		Port:     6379,
@ -68,8 +67,7 @@ func TestShouldSetDbNumber(t *testing.T) {
 	configuration := schema.SessionConfiguration{}
 	configuration.Domain = "example.com"
 	configuration.Name = "my_session"
-	// TODO(james-d-elliott): Convert to duration notation
-	configuration.Expiration = 40
+	configuration.Expiration = "40"
 	configuration.Redis = &schema.RedisSessionConfiguration{
 		Host:          "redis.example.com",
 		Port:          6379,
--- a/internal/session/provider_test.go
+++ b/internal/session/provider_test.go
@ -3,13 +3,11 @@ package session
 import (
 	"testing"

-	"github.com/authelia/authelia/internal/authentication"
-
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-
 	"github.com/valyala/fasthttp"

+	"github.com/authelia/authelia/internal/authentication"
 	"github.com/authelia/authelia/internal/configuration/schema"
 )

@ -18,8 +16,7 @@ func TestShouldInitializerSession(t *testing.T) {
 	configuration := schema.SessionConfiguration{}
 	configuration.Domain = "example.com"
 	configuration.Name = "my_session"
-	// TODO(james-d-elliott): Convert to duration notation
-	configuration.Expiration = 40
+	configuration.Expiration = "40"

 	provider := NewProvider(configuration)
 	session, err := provider.GetSession(ctx)
@ -33,8 +30,7 @@ func TestShouldUpdateSession(t *testing.T) {
 	configuration := schema.SessionConfiguration{}
 	configuration.Domain = "example.com"
 	configuration.Name = "my_session"
-	// TODO(james-d-elliott): Convert to duration notation
-	configuration.Expiration = 40
+	configuration.Expiration = "40"

 	provider := NewProvider(configuration)
 	session, _ := provider.GetSession(ctx)
@ -59,8 +55,7 @@ func TestShouldDestroySessionAndWipeSessionData(t *testing.T) {
 	configuration := schema.SessionConfiguration{}
 	configuration.Domain = "example.com"
 	configuration.Name = "my_session"
-	// TODO(james-d-elliott): Convert to duration notation
-	configuration.Expiration = 40
+	configuration.Expiration = "40"

 	provider := NewProvider(configuration)
 	session, err := provider.GetSession(ctx)
--- a/internal/session/types.go
+++ b/internal/session/types.go
@ -1,9 +1,10 @@
 package session

 import (
-	"github.com/authelia/authelia/internal/authentication"
 	"github.com/fasthttp/session"
 	"github.com/tstranex/u2f"
+
+	"github.com/authelia/authelia/internal/authentication"
 )

 // ProviderConfig is the configuration used to create the session provider.
--- a/internal/storage/mysql_provider.go
+++ b/internal/storage/mysql_provider.go
@ -4,9 +4,10 @@ import (
 	"database/sql"
 	"fmt"

+	_ "github.com/go-sql-driver/mysql" // Load the MySQL Driver used in the connection string.
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/logging"
-	_ "github.com/go-sql-driver/mysql" // Load the MySQL Driver used in the connection string.
 )

 // MySQLProvider is a MySQL provider
--- a/internal/storage/postgres_provider.go
+++ b/internal/storage/postgres_provider.go
@ -5,9 +5,10 @@ import (
 	"fmt"
 	"strings"

+	_ "github.com/lib/pq" // Load the PostgreSQL Driver used in the connection string.
+
 	"github.com/authelia/authelia/internal/configuration/schema"
 	"github.com/authelia/authelia/internal/logging"
-	_ "github.com/lib/pq" // Load the PostgreSQL Driver used in the connection string.
 )

 // PostgreSQLProvider is a Postrgres provider
--- a/internal/storage/provider_mock.go
+++ b/internal/storage/provider_mock.go
@ -5,10 +5,12 @@
 package storage

 import (
-	models "github.com/authelia/authelia/internal/models"
-	gomock "github.com/golang/mock/gomock"
 	reflect "reflect"
 	time "time"
+
+	gomock "github.com/golang/mock/gomock"
+
+	models "github.com/authelia/authelia/internal/models"
 )

 // MockProvider is a mock of Provider interface
--- a/internal/storage/sqlite_provider.go
+++ b/internal/storage/sqlite_provider.go
@ -4,8 +4,9 @@ import (
 	"database/sql"
 	"fmt"

-	"github.com/authelia/authelia/internal/logging"
 	_ "github.com/mattn/go-sqlite3" // Load the SQLite Driver used in the connection string.
+
+	"github.com/authelia/authelia/internal/logging"
 )

 // SQLiteProvider is a sqlite3 provider
--- a/internal/suites/docker.go
+++ b/internal/suites/docker.go
@ -6,8 +6,9 @@ import (
 	"os/exec"
 	"strings"

-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 // DockerEnvironment represent a docker environment
--- a/internal/suites/environment.go
+++ b/internal/suites/environment.go
@ -5,8 +5,9 @@ import (
 	"strings"
 	"time"

-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 func waitUntilServiceLogDetected(
--- a/internal/suites/suite_kubernetes.go
+++ b/internal/suites/suite_kubernetes.go
@ -5,8 +5,9 @@ import (
 	"os"
 	"time"

-	"github.com/authelia/authelia/internal/utils"
 	log "github.com/sirupsen/logrus"
+
+	"github.com/authelia/authelia/internal/utils"
 )

 var kubernetesSuiteName = "Kubernetes"
--- a/internal/suites/suite_standalone_test.go
+++ b/internal/suites/suite_standalone_test.go
@ -10,9 +10,10 @@ import (
 	"testing"
 	"time"

-	"github.com/authelia/authelia/internal/storage"
 	"github.com/stretchr/testify/require"
 	"github.com/stretchr/testify/suite"
+
+	"github.com/authelia/authelia/internal/storage"
 )

 type StandaloneWebDriverSuite struct {
--- a/internal/utils/time_test.go
+++ b/internal/utils/time_test.go
@ -1,9 +1,10 @@
 package utils

 import (
-	"github.com/stretchr/testify/assert"
 	"testing"
 	"time"
+
+	"github.com/stretchr/testify/assert"
 )

 func TestShouldParseDurationString(t *testing.T) {