fix(configuration): remember me duration disabled impossible (#2997)
This fixes an issue not properly resolved by db6dd32151
.
pull/3007/head
parent
a7d3f8f16b
commit
b43ee50368
|
@ -295,6 +295,7 @@ func TestShouldDecodeSMTPSenderWithName(t *testing.T) {
|
|||
|
||||
assert.Equal(t, "Admin", config.Notifier.SMTP.Sender.Name)
|
||||
assert.Equal(t, "admin@example.com", config.Notifier.SMTP.Sender.Address)
|
||||
assert.Equal(t, schema.RememberMeDisabled, config.Session.RememberMeDuration)
|
||||
}
|
||||
|
||||
func TestShouldNotReadConfigurationOnFSAccessDenied(t *testing.T) {
|
||||
|
|
|
@ -9,20 +9,24 @@ const argon2id = "argon2id"
|
|||
// ProfileRefreshDisabled represents a value for refresh_interval that disables the check entirely.
|
||||
const ProfileRefreshDisabled = "disable"
|
||||
|
||||
const (
|
||||
// ProfileRefreshAlways represents a value for refresh_interval that's the same as 0ms.
|
||||
const ProfileRefreshAlways = "always"
|
||||
ProfileRefreshAlways = "always"
|
||||
|
||||
// RefreshIntervalDefault represents the default value of refresh_interval.
|
||||
const RefreshIntervalDefault = "5m"
|
||||
RefreshIntervalDefault = "5m"
|
||||
|
||||
// RefreshIntervalAlways represents the duration value refresh interval should have if set to always.
|
||||
const RefreshIntervalAlways = 0 * time.Millisecond
|
||||
RefreshIntervalAlways = 0 * time.Millisecond
|
||||
)
|
||||
|
||||
const (
|
||||
// LDAPImplementationCustom is the string for the custom LDAP implementation.
|
||||
const LDAPImplementationCustom = "custom"
|
||||
LDAPImplementationCustom = "custom"
|
||||
|
||||
// LDAPImplementationActiveDirectory is the string for the Active Directory LDAP implementation.
|
||||
const LDAPImplementationActiveDirectory = "activedirectory"
|
||||
LDAPImplementationActiveDirectory = "activedirectory"
|
||||
)
|
||||
|
||||
// TOTP Algorithm.
|
||||
const (
|
||||
|
@ -31,6 +35,11 @@ const (
|
|||
TOTPAlgorithmSHA512 = "SHA512"
|
||||
)
|
||||
|
||||
const (
|
||||
// RememberMeDisabled represents the duration for a disabled remember me session configuration.
|
||||
RememberMeDisabled = time.Second * -1
|
||||
)
|
||||
|
||||
var (
|
||||
// TOTPPossibleAlgorithms is a list of valid TOTP Algorithms.
|
||||
TOTPPossibleAlgorithms = []string{TOTPAlgorithmSHA1, TOTPAlgorithmSHA256, TOTPAlgorithmSHA512}
|
||||
|
|
|
@ -97,6 +97,7 @@ session:
|
|||
name: authelia_session
|
||||
expiration: 3600000 # 1 hour
|
||||
inactivity: 300000 # 5 minutes
|
||||
remember_me_duration: -1
|
||||
domain: example.com
|
||||
redis:
|
||||
host: 127.0.0.1
|
||||
|
|
|
@ -35,7 +35,7 @@ func validateSession(config *schema.SessionConfiguration, validator *schema.Stru
|
|||
config.Inactivity = schema.DefaultSessionConfiguration.Inactivity // 5 min.
|
||||
}
|
||||
|
||||
if config.RememberMeDuration <= 0 && config.RememberMeDuration != -1 {
|
||||
if config.RememberMeDuration <= 0 && config.RememberMeDuration != schema.RememberMeDisabled {
|
||||
config.RememberMeDuration = schema.DefaultSessionConfiguration.RememberMeDuration // 1 month.
|
||||
}
|
||||
|
||||
|
|
|
@ -3,7 +3,6 @@ package validator
|
|||
import (
|
||||
"fmt"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
@ -412,7 +411,7 @@ func TestShouldSetDefaultWhenNegativeAndNotOverrideDisabledRememberMe(t *testing
|
|||
config := newDefaultSessionConfig()
|
||||
config.Inactivity = -1
|
||||
config.Expiration = -1
|
||||
config.RememberMeDuration = -1
|
||||
config.RememberMeDuration = schema.RememberMeDisabled
|
||||
|
||||
ValidateSession(&config, validator)
|
||||
|
||||
|
@ -421,7 +420,7 @@ func TestShouldSetDefaultWhenNegativeAndNotOverrideDisabledRememberMe(t *testing
|
|||
|
||||
assert.Equal(t, schema.DefaultSessionConfiguration.Inactivity, config.Inactivity)
|
||||
assert.Equal(t, schema.DefaultSessionConfiguration.Expiration, config.Expiration)
|
||||
assert.Equal(t, time.Duration(-1), config.RememberMeDuration)
|
||||
assert.Equal(t, schema.RememberMeDisabled, config.RememberMeDuration)
|
||||
}
|
||||
|
||||
func TestShouldSetDefaultRememberMeDuration(t *testing.T) {
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
||||
"github.com/authelia/authelia/v4/internal/middlewares"
|
||||
"github.com/authelia/authelia/v4/internal/regulation"
|
||||
"github.com/authelia/authelia/v4/internal/session"
|
||||
|
@ -92,7 +93,7 @@ func FirstFactorPost(delayFunc middlewares.TimingAttackDelayFunc) middlewares.Re
|
|||
}
|
||||
|
||||
// Check if bodyJSON.KeepMeLoggedIn can be deref'd and derive the value based on the configuration and JSON data.
|
||||
keepMeLoggedIn := ctx.Providers.SessionProvider.RememberMe != -1 && bodyJSON.KeepMeLoggedIn != nil && *bodyJSON.KeepMeLoggedIn
|
||||
keepMeLoggedIn := ctx.Providers.SessionProvider.RememberMe != schema.RememberMeDisabled && bodyJSON.KeepMeLoggedIn != nil && *bodyJSON.KeepMeLoggedIn
|
||||
|
||||
// Set the cookie to expire if remember me is enabled and the user has asked us to.
|
||||
if keepMeLoggedIn {
|
||||
|
|
|
@ -28,7 +28,7 @@ var assets embed.FS
|
|||
|
||||
func registerRoutes(configuration schema.Configuration, providers middlewares.Providers) fasthttp.RequestHandler {
|
||||
autheliaMiddleware := middlewares.AutheliaMiddleware(configuration, providers)
|
||||
rememberMe := strconv.FormatBool(configuration.Session.RememberMeDuration != -1)
|
||||
rememberMe := strconv.FormatBool(configuration.Session.RememberMeDuration != schema.RememberMeDisabled)
|
||||
resetPassword := strconv.FormatBool(!configuration.AuthenticationBackend.DisableResetPassword)
|
||||
|
||||
duoSelfEnrollment := f
|
||||
|
|
Loading…
Reference in New Issue