Configure Authentication Expiry/TTL

stephen · 7 October 2021 11:54

Hi

Is it possible to configure the authentication expiry/ttl for user sessions?

The current TTL set in the JSON Web Token’s “exp” field is currently +3 days.

I’m happy for this to be the default, but on my own install, I want to increase this to something like a month.

Is it possible to configure this, or do I need to submit a feature request?

Cheers
Stephen

kolaente · 8 October 2021 06:02

Hi Stephen!

Currentlyg that’s not possible. There has been an issue about this here, that was more about a “remember me” functionality though. Is that what you want to do with the feature?

stephen · 8 October 2021 10:57

Hi Kolaente

I think the simplest and therefore the quickest solution is to allow the +3 days to be configurable from the config file.

You could change this line vikunja/api: The to-do app to organize your life. Public API Roadmap here: https://my.vikunja.cloud/share/QFyzYEmEYfSyQfTOmIRSwLUpkFjboaBqQCnaPmWd/auth. - pkg/modules/auth/auth.go at c3da45485451574b5e66744b6b779d9926ce5b19 - api - Gitea to pull the number of seconds from the config file.

The default should remain as 3 days.

Would you be happy for me to submit a pull request? (I’ve always wanted to learn a bit of go).

Cheers
Stephen

kolaente · 8 October 2021 12:24

Sure, a PR sounds like a good idea.

stephen · 8 October 2021 15:43

Pull request submitted #999 - Added the ability to configure the JWT expiry date using a new server.jwtttl config parameter. - api - Gitea