web/admin: add notice for user_login stage session cookie behaviour

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-02-08 14:18:52 +01:00
parent 5aa43eeb04
commit a7cf454760
No known key found for this signature in database
3 changed files with 15 additions and 0 deletions

View file

@ -1,5 +1,6 @@
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/Alert";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
@ -70,6 +71,15 @@ export class UserLoginStageForm extends ModelForm<UserLoginStage, string> {
${t`Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed.`}
</p>
<ak-utils-time-delta-help></ak-utils-time-delta-help>
<ak-alert ?inline=${true}>
${t`Different browsers handle session cookies differently, and might not remove them even when the browser is closed.`}
<a
href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#expiresdate"
target="_blank"
>
${t`See here.`}
</a>
</ak-alert>
</ak-form-element-horizontal>
</div>
</ak-form-group>

View file

@ -26,6 +26,7 @@ export class Tooltip extends AKElement {
}
.pf-c-tooltip {
position: absolute;
z-index: 999;
}
`,
];

View file

@ -10,6 +10,10 @@ It can be used after `user_write` during an enrollment flow, or after a `passwor
By default, the authentik session expires when you close your browser (_seconds=0_).
:::warning
Different browsers handle session cookies differently, and might not remove them even when the browser is closed. See [here](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#expiresdate) for more info.
:::
You can set the session to expire after any duration using the syntax of `hours=1,minutes=2,seconds=3`. The following keys are allowed:
- Microseconds