One source of mild frustration for me using Silverbullet is the necessity of re-logging-in every week (at least since I'm currently using basic authentication). This PR adds the ability to stay logged in, as log as the user opens Silverbullet on a given device during the one-week window.
To the crypto.ts file, createJWT() is updated to make expirySeconds an optional parameter, making a JWT that doesn't expire if it's not passed.
A checkbox is added to auth.html to the login form to mark "remember me".
In http_server.ts, logging in with the "remember me" checkbox checked saves an additional cookie that, if it exists, signifies the server to refresh the cookie on subsequent requests. Thus, visits to a page (given the cookies aren't expired) will move the expiration date back to a week past the current date. This cookie is deleted alongside the auth cookie at logout.
zefhemel
commented
4 weeks ago
One source of mild frustration for me using Silverbullet is the necessity of re-logging-in every week (at least since I'm currently using basic authentication). This PR adds the ability to stay logged in, as log as the user opens Silverbullet on a given device during the one-week window.
To the
crypto.tsfile,createJWT()is updated to makeexpirySecondsan optional parameter, making a JWT that doesn't expire if it's not passed.A checkbox is added to
auth.htmlto the login form to mark "remember me".In
http_server.ts, logging in with the "remember me" checkbox checked saves an additional cookie that, if it exists, signifies the server to refresh the cookie on subsequent requests. Thus, visits to a page (given the cookies aren't expired) will move the expiration date back to a week past the current date. This cookie is deleted alongside the auth cookie at logout.