add remember me environment variable

mealie-recipes · Mar 1, 2024 · 501aa27 · 501aa27
1 parent f3c5f28
commit 501aa27
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 4 deletions.
diff --git a/docs/docs/documentation/getting-started/installation/backend-config.md b/docs/docs/documentation/getting-started/installation/backend-config.md
@@ -86,8 +86,9 @@ For usage, see [Usage - OpenID Connect](../authentication/oidc.md)
 | OIDC_CONFIGURATION_URL | None | The URL to the OIDC configuration of your provider. This is usually something like https://auth.example.com/.well-known/openid-configuration |
 | OIDC_CLIENT_ID | None | The client id of your configured client in your provider |
 | OIDC_ADMIN_GROUP | None | If this group is present in the group claims, the user will be set as an admin |
-| OIDC_ALWAYS_REDIRECT | False | If `True`, then the login page will be bypassed an you will be sent directly to your Identity Provider. You can still get to the login page by adding `?direct=1` to the login URL |
+| OIDC_AUTO_REDIRECT | False | If `True`, then the login page will be bypassed an you will be sent directly to your Identity Provider. You can still get to the login page by adding `?direct=1` to the login URL |
 | OIDC_PROVIDER_NAME | OAuth | The provider name is shown in SSO login button. "Login with <OIDC_PROVIDER_NAME\>" |
+| OIDC_REMEMBER_ME | False | Because redirects bypass the login screen, you cant extend your session by clicking the "Remember Me" checkbox. By setting this value to true, a session will be extended as if "Remember Me" was checked. |
 
 ### Themeing
 

diff --git a/docs/docs/overrides/api.html b/docs/docs/overrides/api.html
diff --git a/mealie/core/security/providers/openid_provider.py b/mealie/core/security/providers/openid_provider.py
@@ -54,14 +54,14 @@ async def authenticate(self) -> tuple[str, timedelta] | None:
                 }
             )
             self.session.commit()
-            return self.get_access_token(user)  # type: ignore
+            return self.get_access_token(user, settings.OIDC_REMEMBER_ME)  # type: ignore
 
         if user:
             if user.admin != admin_claim:
                 self._logger.debug(f"[OIDC] {'Setting' if admin_claim else 'Removing'} user as admin")
                 user.admin = admin_claim
                 repos.users.update(user.id, user)
-            return self.get_access_token(user)
+            return self.get_access_token(user, settings.OIDC_REMEMBER_ME)
 
         self._logger.info("[OIDC] Found user but their AuthMethod does not match OIDC")
         return None

diff --git a/mealie/core/settings/settings.py b/mealie/core/settings/settings.py
@@ -180,6 +180,7 @@ def LDAP_ENABLED(self) -> bool:
     OIDC_ADMIN_GROUP: str | None = None
     OIDC_AUTO_REDIRECT: bool = False
     OIDC_PROVIDER_NAME: str = "OAuth"
+    OIDC_REMEMBER_ME: bool = False
 
     @property
     def OIDC_READY(self) -> bool: