	Merge branch 'mittler-works-adjustable_admin_cookie_lifetime'
		| @@ -335,6 +335,9 @@ | ||||
| ## Allow a burst of requests of up to this size, while maintaining the average indicated by `ADMIN_RATELIMIT_SECONDS`. | ||||
| # ADMIN_RATELIMIT_MAX_BURST=3 | ||||
|  | ||||
| ## Set the lifetime of admin sessions to this value (in minutes). | ||||
| # ADMIN_SESSION_LIFETIME=20 | ||||
|  | ||||
| ## Yubico (Yubikey) Settings | ||||
| ## Set your Client ID and Secret Key for Yubikey OTP | ||||
| ## You can generate it here: https://upgrade.yubico.com/getapikey/ | ||||
|   | ||||
| @@ -183,7 +183,7 @@ fn post_admin_login(data: Form<LoginForm>, cookies: &CookieJar<'_>, ip: ClientIp | ||||
|  | ||||
|         let cookie = Cookie::build(COOKIE_NAME, jwt) | ||||
|             .path(admin_path()) | ||||
|             .max_age(rocket::time::Duration::minutes(20)) | ||||
|             .max_age(rocket::time::Duration::minutes(CONFIG.admin_session_lifetime())) | ||||
|             .same_site(SameSite::Strict) | ||||
|             .http_only(true) | ||||
|             .finish(); | ||||
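Review bot: The value from `CONFIG.admin_session_lifetime()` reaches `Duration::minutes` unchecked, here for the cookie `max_age` and again in the `generate_admin_claims` hunk for the JWT `exp`. The `make_config!` hunk declares the setting as `i64`, so zero or a negative number yields a cookie and token that are already expired when issued, and admin login would presumably never stick. A very large number makes the admin session effectively permanent and may overflow in the duration arithmetic. Nothing on this page validates the range; a check at configuration load that rejects `admin_session_lifetime < 1` and caps the maximum would protect both call sites. The body of `post_admin_login` starts and ends outside the hunk.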
|   | ||||
| @@ -241,7 +241,7 @@ pub fn generate_admin_claims() -> BasicJwtClaims { | ||||
|     let time_now = Utc::now().naive_utc(); | ||||
|     BasicJwtClaims { | ||||
|         nbf: time_now.timestamp(), | ||||
|         exp: (time_now + Duration::minutes(20)).timestamp(), | ||||
|         exp: (time_now + Duration::minutes(CONFIG.admin_session_lifetime())).timestamp(), | ||||
|         iss: JWT_ADMIN_ISSUER.to_string(), | ||||
|         sub: "admin_panel".to_string(), | ||||
|     } | ||||
|   | ||||
| @@ -581,6 +581,9 @@ make_config! { | ||||
|         /// Max burst size for admin login requests |> Allow a burst of requests of up to this size, while maintaining the average indicated by `admin_ratelimit_seconds` | ||||
|         admin_ratelimit_max_burst:     u32, false, def, 3; | ||||
|  | ||||
|         /// Admin session lifetime |> Set the lifetime of admin sessions to this value (in minutes). | ||||
|         admin_session_lifetime:        i64, true,  def, 20; | ||||
|  | ||||
|         /// Enable groups (BETA!) (Know the risks!) |> Enables groups support for organizations (Currently contains known issues!). | ||||
|         org_groups_enabled:     bool,   false,  def,    false; | ||||
|     }, | ||||
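Review bot: The help text on `admin_session_lifetime` gives only the unit and says nothing about the security trade-off or about when a changed value takes effect. As far as these hunks show, `exp` is fixed when `generate_admin_claims` issues the token, so lowering the setting later would not shorten sessions that already exist, and a longer lifetime keeps a captured admin cookie usable for that much longer. I would extend the description to something like `Set the lifetime of admin sessions to this value (in minutes). Applies to new logins; longer values keep a leaked admin cookie valid longer.` and mirror that wording in the `ADMIN_SESSION_LIFETIME` template hunk. The `make_config!` block starts and ends outside the hunk.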
|   | ||||