author | Jakob Borg <jakob@kastelo.net> | 2024-01-04 11:07:12 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-04 10:07:12 +0000 |
commit | aa901790b99e13c6cbf2bb3fda9b8ba3b765d700 (patch) | |
tree | 76ca687c3fefe3701de174ad9a17136fe6b23b70 /cmd | |
parent | 17df4b8634b55cee8961480272daca70e30009ed (diff) | |
lib/api: Save session & CSRF tokens to database, add option to stay logged in (fixes #9151) (#9284)
This adds a "token manager" which handles storing and checking expired
tokens, used for both sessions and CSRF tokens. It removes the old,
corresponding functionality for CSRFs which saved things in a file. The
result is less crap in the state directory, and active login sessions
now survive a Syncthing restart (this really annoyed me).
It also adds a boolean on login to create a longer-lived session cookie,
which is now possible and useful. Thus we can remain logged in over
browser restarts, which was also annoying... :)
<img width="1001" alt="Screenshot 2023-12-12 at 09 56 34"
src="https://github.com/syncthing/syncthing/assets/125426/55cb20c8-78fc-453e-825d-655b94c8623b">
Best viewed with whitespace-insensitive diff, as a bunch of the auth
functions became methods instead of closures which changed indentation.
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/syncthing/main.go | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/cmd/syncthing/main.go b/cmd/syncthing/main.go index f321ebc8b..ab3c76e73 100644 --- a/cmd/syncthing/main.go +++ b/cmd/syncthing/main.go @@ -862,6 +862,7 @@ func cleanConfigDirectory() { "backup-of-v0.8": 30 * 24 * time.Hour, // these neither "tmp-index-sorter.*": time.Minute, // these should never exist on startup "support-bundle-*": 30 * 24 * time.Hour, // keep old support bundle zip or folder for a month + "csrftokens.txt": 0, // deprecated, remove immediately } for pat, dur := range patterns { |
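Review bot: The `0` duration on the added `"csrftokens.txt"` entry depends on how the `for pat, dur := range patterns` loop that follows compares a file's age against `dur`, and that comparison is not visible in this hunk. Please confirm that a zero duration means "always old enough to delete" and is not treated as unset or skipped. Every other entry in the map is written as a `time.Duration` expression, so a bare `0` stands out; extending the comment to say that zero is intentional and that the tokens now live in the database (as the commit message describes) would tell a later reader why this file, which used to hold CSRF tokens, is removed on startup instead of being aged out.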