dahjah/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-06-04 06:24:58 -06:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Add option to disable refresh token renewal

Browse Source 
Add a new configuration option to disable refresh token renewal, requiring full reauthentication every 30/90 days.
This commit is contained in:
Momi-V 2025-11-03 10:12:49 +01:00 committed by HPPinata
parent 36f0620fd1
commit 1f2c2cf63d
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/config.rs
View File

@ -706,6 +706,10 @@ make_config! {
/// Note that the checkbox would still be present, but ignored. /// Note that the checkbox would still be present, but ignored.
disable_2fa_remember: bool, true, def, false; disable_2fa_remember: bool, true, def, false;
/// Disable refresh token renewal |> If true, disables sliding window for refresh token expiry.
/// This only renews the token on a full login (Password (+2FA), SSO, etc.) forcing a full reauth every 30 days (90 for the native app)
disable_refresh_token_renewal: bool, true, def, false;
/// Disable authenticator time drifted codes to be valid |> Enabling this only allows the current TOTP code to be valid /// Disable authenticator time drifted codes to be valid |> Enabling this only allows the current TOTP code to be valid
/// TOTP codes of the previous and next 30 seconds will be invalid. /// TOTP codes of the previous and next 30 seconds will be invalid.
authenticator_disable_time_drift: bool, true, def, false; authenticator_disable_time_drift: bool, true, def, false;