-
Notifications
You must be signed in to change notification settings - Fork 931
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remember me #1656
Comments
Hey @FlxMgdnz, I would love to work on this issue. Can you assign it to me? |
/assign |
Assigned to @Mujhtech! Please open a draft PR linking this issue within 48h |
Hey @Mujhtech I've added a bit more information to the issue description. |
fyi we've added 250 points to the issue |
@FlxMgdnz I have made few progress by adding enable_remember_me to session config type Session struct {
// ...other session config data
// `enable_remember_me` determines whether remember me functionality should be enable in hanko element ui
// which allows users to control the session duration whether the JWT should be store in session cookie and deleted
// when browser is closed or not.
EnableRememberMe bool `yaml:"enable_remember_me" json:"enable_remember_me,omitempty" koanf:"enable_remember_me" split_words:"true" jsonschema:"default=false"`
} When the value is true, it add remember action to the login init state else suspend remember me action. What do you think? |
Also, this is what I noticed: the current implementation is using js-cookie to store the token. By my testing, I experienced that if the tab is open while I close the browser, the cookie stays but if I close the tab before closing the browser, the cookie expires |
/assign |
This issue is already assigned to another person. Please find more issues here. |
/assign |
This issue is already assigned to another person. Please find more issues here. |
/assign |
This issue is already assigned to another person. Please find more issues here. |
/assign |
This issue is already assigned to another person. Please find more issues here. |
/assign |
This issue is already assigned to another person. Please find more issues here. |
/assign |
This issue is already assigned to another person. Please find more issues here. |
/assign |
This issue is already assigned to another person. Please find more issues here. |
Checklist
Description
Users should have the option of ending their session automatically when the browser is closed. Depending on the config, in the current implementation either the frontend SDK pulls the JWT from the x-auth-token header or the backend stores the JWT as cookie. In both cases, the session will be active as long as the JWT is valid.
Describe your ideal solution
As a new, optional feature, we can introduce a Remember me checkbox on the login page in Hanko Elements. When enabled, the user can control via the checkbox whether the session should remain valid for the duration of the JWT (old behavior) or whether the JWT should be stored as a session cookie and deleted when the browser is closed.
Proposed new backend config option:
Workarounds or alternatives
No response
Hanko Version
1.0.2
Additional Context
No response
The text was updated successfully, but these errors were encountered: