search

maykinmedia / open-api-framework

The Open API framework powers the open source registration components like Open Zaak en Open Klant.
MIT License
0 stars 0 forks source link

Ensure Admin session duration can be configured via envvar and ensure parallel user-sessions aren't possible #46

Open alextreme opened 2 months ago

alextreme commented 2 months ago

Thema / Theme

Admin

Omschrijving / Description

Taiga AMS 17

The wish is to limit the duration of admin sessions to a configurable number of minutes instead of having the 2-week default.

Another part of the request is to ensure that logging into the admin does an auto-logout of all existing sessions of the same user.

A third part of the request is to show all active sessions, however with the second part of this request I'm assuming this isn't necessary.

Issue is to be estimated and quoted to the client

Toegevoegde waarde / Added value

No response

Aanvullende opmerkingen / Additional context

No response

joeribekker commented 2 weeks ago

Estimate:

  1. env var -- 1 day
  2. auto logout / delete other sessions -- 1 week (check side effects)
  3. show number of devices that you are logged in -- 1 week (ui stuff)

@alextreme you can quote the client.

alextreme commented 5 days ago

Approval has been given by the client