habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

website/docs: update docs about "stay logged in" option (#10832)

Browse Source 
* reformatted and tweaked wording

* fixed change to anchor

* again with broken anchor

* aligned code example

---------

Co-authored-by: Tana M Berry <tana@goauthentik.com>
This commit is contained in:
Tana M Berry
2024-08-09 11:39:41 -05:00
committed by GitHub
parent ddd689fbdf
commit 25a06716ff
2 changed files with 59 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
website/docs/flow/stages/user_login/index.md
View File

@ -6,9 +6,15 @@ This stage attaches a currently pending user to the current session.
It can be used after `user_write` during an enrollment flow, or after a `password` stage during an authentication flow.
## Session duration
## User login stage configuration options
By default, the authentik session expires when you close your browser (_seconds=0_).
When creating or editing this stage in the UI of the Admin interface, you can set the following configuration options.
**Name**: enter a descriptive name for the stage.
**Stage-specific settings**
- **Session duration**: By default, the authentik session expires when you close your browser (_seconds=0_).
:::warning
Different browsers handle session cookies differently, and might not remove them even when the browser is closed. See [here](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#expiresdate) for more info.
@ -26,17 +32,15 @@ You can set the session to expire after any duration using the syntax of `hours=
All values accept floating-point values.
## Stay signed in offset
When this is set to a higher value than the default _seconds=0_, a prompt is shown, allowing the users to choose if their session should be extended or not. The same syntax as for _Session duration_ applies.
- **Stay signed in offset**: When this is set to a higher value than the default _seconds=0_, the user logging in is shown a prompt, allowing the user to choose if their session should be extended or not. The same syntax as for _Session duration_ applies.
![](./stay_signed_in.png)
## Network binding/GeoIP binding
- **Network binding and GeoIP binding**
When configured, all sessions authenticated by this stage will be bound to the selected network/GeoIP criteria.
When configured, all sessions authenticated by this stage will be bound to the selected network and/or GeoIP criteria.
Sessions which break this binding will be terminated on use. The created [`logout`](../../../events/index.md#logout) event will contain additional data related to what caused the binding to be broken:
Sessions that break this binding will be terminated on use. The created [`logout`](../../../events/index.md#logout) event will contain additional data related to what caused the binding to be broken:
```json
{
@ -75,6 +79,6 @@ Sessions which break this binding will be terminated on use. The created [`logou
}
```
## Terminate other sessions
- **Terminate other sessions**
When enabled, previous sessions of the user logging in will be revoked. This has no affect on OAuth refresh tokens.

2
website/docs/releases/2024/v2024.2.md
View File

@ -114,7 +114,7 @@ slug: /releases/2024.2
Sessions for any users can now be bound to a specific geolocation (Continent, Country, City) or network (Autonomous System, subnet, IP address). If the session is accessed from a location/network that is different than that from which it was initially created, the session will be terminated.
Configuration steps are available [here](../../flow/stages/user_login/index.md#network-bindinggeoip-binding).
Configuration steps are available [here](../../flow/stages/user_login/index.md#user-login-stage-configuration-options).
- **S3 file storage**