✨ Make session time more flexible
fynnlyte opened this issue · 0 comments
fynnlyte commented
Currently, there is one fixed session time for every user.
It should be possible for the user to request a different, pre-configured session duration based on his request, e.g.:
- 5 days if „stay logged in“ is selected
- 5 minutes otherwise
The supported keys can be sent when logging in, resetting password - also when refreshing the session?
- Or should the choice be persisted after logging in?
- User could have multiple sessions: One with longer validity, one with shorter. Would be good to save the key (or duration?) directly at the session-record.
- fall back to default if current config entry was dropped?
- if existing config-entry was modified -> extend session life accordingly, not according to how it was initially set!
In a later iteration:
- allow to specify a different session duration if users have a certain role assigned via the config -> shorter session life for admins/internal staff than for normal users