feat: add session max lifetime and fix refresh logic (#559)

* feat: allow any HTTP method for /api/auth/envoy and restrict methods for non-envoy proxies * feat: add Allow header for invalid methods in proxyHandler * feat: add session max lifetime and fix refresh logic * fix: set default value for created_at column and improve session expiration logic --------- Co-authored-by: Stavros <steveiliop56@gmail.com>
2026-01-12 02:12:29 +00:00 · 2026-01-07 06:37:23 -05:00
parent 721f302c0b
commit e7bd64d7a3
16 changed files with 96 additions and 47 deletions
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -40,12 +40,13 @@ type ServerConfig struct {
 }

 type AuthConfig struct {
-	Users           string `description:"Comma-separated list of users (username:hashed_password)." yaml:"users"`
-	UsersFile       string `description:"Path to the users file." yaml:"usersFile"`
-	SecureCookie    bool   `description:"Enable secure cookies." yaml:"secureCookie"`
-	SessionExpiry   int    `description:"Session expiry time in seconds." yaml:"sessionExpiry"`
-	LoginTimeout    int    `description:"Login timeout in seconds." yaml:"loginTimeout"`
-	LoginMaxRetries int    `description:"Maximum login retries." yaml:"loginMaxRetries"`
+	Users              string `description:"Comma-separated list of users (username:hashed_password)." yaml:"users"`
+	UsersFile          string `description:"Path to the users file." yaml:"usersFile"`
+	SecureCookie       bool   `description:"Enable secure cookies." yaml:"secureCookie"`
+	SessionExpiry      int    `description:"Session expiry time in seconds." yaml:"sessionExpiry"`
+	SessionMaxLifetime int    `description:"Maximum session lifetime in seconds." yaml:"sessionMaxLifetime"`
+	LoginTimeout       int    `description:"Login timeout in seconds." yaml:"loginTimeout"`
+	LoginMaxRetries    int    `description:"Maximum login retries." yaml:"loginMaxRetries"`
 }

 type OAuthConfig struct {