topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Add option to disable refresh token renewal 

Add a new configuration option to disable refresh token renewal, requiring full reauthentication every 30/90 days.
pull/6433/head
Momi-V 4 weeks ago
committed by HPPinata
parent
9017ca265a
commit
f7db782e1c
1 changed files with 4 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      src/config.rs

4
src/config.rs
View File

@ -706,6 +706,10 @@ make_config! {
/// Note that the checkbox would still be present, but ignored.
disable_2fa_remember: bool, true, def, false;
/// Disable refresh token renewal |> If true, disables sliding window for refresh token expiry.
/// This only renews the token on a full login (Password (+2FA), SSO, etc.) forcing a full reauth every 30 days (90 for the native app)
disable_refresh_token_renewal: bool, true, def, false;
/// Disable authenticator time drifted codes to be valid |> Enabling this only allows the current TOTP code to be valid
/// TOTP codes of the previous and next 30 seconds will be invalid.
authenticator_disable_time_drift: bool, true, def, false;

Write Preview
Loading…
Cancel
Save