mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
fix(configuration): remember me duration disabled impossible (#2997)
This fixes an issue not properly resolved by db6dd32151
.
This commit is contained in:
parent
a7d3f8f16b
commit
b43ee50368
|
@ -295,6 +295,7 @@ func TestShouldDecodeSMTPSenderWithName(t *testing.T) {
|
||||||
|
|
||||||
assert.Equal(t, "Admin", config.Notifier.SMTP.Sender.Name)
|
assert.Equal(t, "Admin", config.Notifier.SMTP.Sender.Name)
|
||||||
assert.Equal(t, "admin@example.com", config.Notifier.SMTP.Sender.Address)
|
assert.Equal(t, "admin@example.com", config.Notifier.SMTP.Sender.Address)
|
||||||
|
assert.Equal(t, schema.RememberMeDisabled, config.Session.RememberMeDuration)
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestShouldNotReadConfigurationOnFSAccessDenied(t *testing.T) {
|
func TestShouldNotReadConfigurationOnFSAccessDenied(t *testing.T) {
|
||||||
|
|
|
@ -9,20 +9,24 @@ const argon2id = "argon2id"
|
||||||
// ProfileRefreshDisabled represents a value for refresh_interval that disables the check entirely.
|
// ProfileRefreshDisabled represents a value for refresh_interval that disables the check entirely.
|
||||||
const ProfileRefreshDisabled = "disable"
|
const ProfileRefreshDisabled = "disable"
|
||||||
|
|
||||||
// ProfileRefreshAlways represents a value for refresh_interval that's the same as 0ms.
|
const (
|
||||||
const ProfileRefreshAlways = "always"
|
// ProfileRefreshAlways represents a value for refresh_interval that's the same as 0ms.
|
||||||
|
ProfileRefreshAlways = "always"
|
||||||
|
|
||||||
// RefreshIntervalDefault represents the default value of refresh_interval.
|
// RefreshIntervalDefault represents the default value of refresh_interval.
|
||||||
const RefreshIntervalDefault = "5m"
|
RefreshIntervalDefault = "5m"
|
||||||
|
|
||||||
// RefreshIntervalAlways represents the duration value refresh interval should have if set to always.
|
// RefreshIntervalAlways represents the duration value refresh interval should have if set to always.
|
||||||
const RefreshIntervalAlways = 0 * time.Millisecond
|
RefreshIntervalAlways = 0 * time.Millisecond
|
||||||
|
)
|
||||||
|
|
||||||
// LDAPImplementationCustom is the string for the custom LDAP implementation.
|
const (
|
||||||
const LDAPImplementationCustom = "custom"
|
// LDAPImplementationCustom is the string for the custom LDAP implementation.
|
||||||
|
LDAPImplementationCustom = "custom"
|
||||||
|
|
||||||
// LDAPImplementationActiveDirectory is the string for the Active Directory LDAP implementation.
|
// LDAPImplementationActiveDirectory is the string for the Active Directory LDAP implementation.
|
||||||
const LDAPImplementationActiveDirectory = "activedirectory"
|
LDAPImplementationActiveDirectory = "activedirectory"
|
||||||
|
)
|
||||||
|
|
||||||
// TOTP Algorithm.
|
// TOTP Algorithm.
|
||||||
const (
|
const (
|
||||||
|
@ -31,6 +35,11 @@ const (
|
||||||
TOTPAlgorithmSHA512 = "SHA512"
|
TOTPAlgorithmSHA512 = "SHA512"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
// RememberMeDisabled represents the duration for a disabled remember me session configuration.
|
||||||
|
RememberMeDisabled = time.Second * -1
|
||||||
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
// TOTPPossibleAlgorithms is a list of valid TOTP Algorithms.
|
// TOTPPossibleAlgorithms is a list of valid TOTP Algorithms.
|
||||||
TOTPPossibleAlgorithms = []string{TOTPAlgorithmSHA1, TOTPAlgorithmSHA256, TOTPAlgorithmSHA512}
|
TOTPPossibleAlgorithms = []string{TOTPAlgorithmSHA1, TOTPAlgorithmSHA256, TOTPAlgorithmSHA512}
|
||||||
|
|
|
@ -97,6 +97,7 @@ session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
expiration: 3600000 # 1 hour
|
expiration: 3600000 # 1 hour
|
||||||
inactivity: 300000 # 5 minutes
|
inactivity: 300000 # 5 minutes
|
||||||
|
remember_me_duration: -1
|
||||||
domain: example.com
|
domain: example.com
|
||||||
redis:
|
redis:
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
|
|
|
@ -35,7 +35,7 @@ func validateSession(config *schema.SessionConfiguration, validator *schema.Stru
|
||||||
config.Inactivity = schema.DefaultSessionConfiguration.Inactivity // 5 min.
|
config.Inactivity = schema.DefaultSessionConfiguration.Inactivity // 5 min.
|
||||||
}
|
}
|
||||||
|
|
||||||
if config.RememberMeDuration <= 0 && config.RememberMeDuration != -1 {
|
if config.RememberMeDuration <= 0 && config.RememberMeDuration != schema.RememberMeDisabled {
|
||||||
config.RememberMeDuration = schema.DefaultSessionConfiguration.RememberMeDuration // 1 month.
|
config.RememberMeDuration = schema.DefaultSessionConfiguration.RememberMeDuration // 1 month.
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,6 @@ package validator
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
@ -412,7 +411,7 @@ func TestShouldSetDefaultWhenNegativeAndNotOverrideDisabledRememberMe(t *testing
|
||||||
config := newDefaultSessionConfig()
|
config := newDefaultSessionConfig()
|
||||||
config.Inactivity = -1
|
config.Inactivity = -1
|
||||||
config.Expiration = -1
|
config.Expiration = -1
|
||||||
config.RememberMeDuration = -1
|
config.RememberMeDuration = schema.RememberMeDisabled
|
||||||
|
|
||||||
ValidateSession(&config, validator)
|
ValidateSession(&config, validator)
|
||||||
|
|
||||||
|
@ -421,7 +420,7 @@ func TestShouldSetDefaultWhenNegativeAndNotOverrideDisabledRememberMe(t *testing
|
||||||
|
|
||||||
assert.Equal(t, schema.DefaultSessionConfiguration.Inactivity, config.Inactivity)
|
assert.Equal(t, schema.DefaultSessionConfiguration.Inactivity, config.Inactivity)
|
||||||
assert.Equal(t, schema.DefaultSessionConfiguration.Expiration, config.Expiration)
|
assert.Equal(t, schema.DefaultSessionConfiguration.Expiration, config.Expiration)
|
||||||
assert.Equal(t, time.Duration(-1), config.RememberMeDuration)
|
assert.Equal(t, schema.RememberMeDisabled, config.RememberMeDuration)
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestShouldSetDefaultRememberMeDuration(t *testing.T) {
|
func TestShouldSetDefaultRememberMeDuration(t *testing.T) {
|
||||||
|
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
||||||
"github.com/authelia/authelia/v4/internal/middlewares"
|
"github.com/authelia/authelia/v4/internal/middlewares"
|
||||||
"github.com/authelia/authelia/v4/internal/regulation"
|
"github.com/authelia/authelia/v4/internal/regulation"
|
||||||
"github.com/authelia/authelia/v4/internal/session"
|
"github.com/authelia/authelia/v4/internal/session"
|
||||||
|
@ -92,7 +93,7 @@ func FirstFactorPost(delayFunc middlewares.TimingAttackDelayFunc) middlewares.Re
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if bodyJSON.KeepMeLoggedIn can be deref'd and derive the value based on the configuration and JSON data.
|
// Check if bodyJSON.KeepMeLoggedIn can be deref'd and derive the value based on the configuration and JSON data.
|
||||||
keepMeLoggedIn := ctx.Providers.SessionProvider.RememberMe != -1 && bodyJSON.KeepMeLoggedIn != nil && *bodyJSON.KeepMeLoggedIn
|
keepMeLoggedIn := ctx.Providers.SessionProvider.RememberMe != schema.RememberMeDisabled && bodyJSON.KeepMeLoggedIn != nil && *bodyJSON.KeepMeLoggedIn
|
||||||
|
|
||||||
// Set the cookie to expire if remember me is enabled and the user has asked us to.
|
// Set the cookie to expire if remember me is enabled and the user has asked us to.
|
||||||
if keepMeLoggedIn {
|
if keepMeLoggedIn {
|
||||||
|
|
|
@ -28,7 +28,7 @@ var assets embed.FS
|
||||||
|
|
||||||
func registerRoutes(configuration schema.Configuration, providers middlewares.Providers) fasthttp.RequestHandler {
|
func registerRoutes(configuration schema.Configuration, providers middlewares.Providers) fasthttp.RequestHandler {
|
||||||
autheliaMiddleware := middlewares.AutheliaMiddleware(configuration, providers)
|
autheliaMiddleware := middlewares.AutheliaMiddleware(configuration, providers)
|
||||||
rememberMe := strconv.FormatBool(configuration.Session.RememberMeDuration != -1)
|
rememberMe := strconv.FormatBool(configuration.Session.RememberMeDuration != schema.RememberMeDisabled)
|
||||||
resetPassword := strconv.FormatBool(!configuration.AuthenticationBackend.DisableResetPassword)
|
resetPassword := strconv.FormatBool(!configuration.AuthenticationBackend.DisableResetPassword)
|
||||||
|
|
||||||
duoSelfEnrollment := f
|
duoSelfEnrollment := f
|
||||||
|
|
Loading…
Reference in New Issue
Block a user