huridocs / uwazi

Uwazi is a web-based, open-source solution for building and sharing document collections
http://www.uwazi.io
MIT License
242 stars 80 forks source link

Enable persistent session for user convenience and security #7180

Open aphilop opened 2 months ago

aphilop commented 2 months ago

Problem description Currently, users must re-authenticate frequently due to the lack of a persistent session feature. This could lead to user frustration, particularly for those who use the application multiple times. Users should be able to control whether to stay signed in across sessions so they can balance convenience and security according to their needs.

Solution description Introduce a persistent session feature with an option for users to stay signed in across sessions upon signing in. This feature should allow users to stay signed in for a configurable duration, balancing convenience with security. The solution should include necessary security measures to mitigate potential risks associated with persistent sessions.

Scope of the solution

juanmnl commented 1 month ago

We are adding a "Stay logged in" checkbox so users can choose to have their session persisted in a common pattern, and modifying the first input label from "User" to "Username".

login - empty login - filled

Design