mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2026-05-16 07:46:35 +00:00
0211c1eace
The session cookie has no Max-Age, so it is lost when the browser closes. The password flow compensates via a "Remember me" checkbox issuing an LTA cookie; OAuth2/OIDC sign-in had no such UI. Issuing a regular LTA cookie after an OAuth callback would skip the IdP for LOGIN_REMEMBER_DAYS. Instead, this introduces a separate LongTermAuthorizationSSO purpose: the cookie is opt-in via the existing "Remember me" checkbox, and when presented without a session, autoSignIn redirects through the IdP with OIDC prompt=none for silent re-auth. On login_required / interaction_required / consent_required / account_selection_required we transparently fall back to interactive sign-in. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12321 Reviewed-by: Mathieu Fenniak <mfenniak@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> |
||
|---|---|---|
| .. | ||
| db | ||
| ldap | ||
| oauth2 | ||
| pam | ||
| remote | ||
| smtp | ||
| main_test.go | ||
| source_group_sync.go | ||
| source_quota_group_sync.go | ||
| source_quota_group_sync_test.go | ||