question: Session expires in around 30 minutes, did I miss some configuration?

[VTopoliuk]

A clear and concise description of what you want to accomplish.

I am trying to add reverse proxy to internal site and hide it behind auth. Everything works well except I need to relogin after every 30-60 minutes. I have tried to change cookie lifetime to different values, but as I can see it doesn't affect my case at all.

Am I missing something?

Configuration: local json file with single user + mfa

Config:

{
	order authenticate before respond
	order authorize before reverse_proxy

	security {
		local identity store localdb {
			realm local
			path /etc/caddy/users.json
		}

		authentication portal auth_portal {
			enable identity store localdb
			cookie domain mysecretdomain.com
			cookie lifetime 31536000 # 1 year
			transform user {
				match email vitalii@mysecretdomain.com
				action add role authp/user
			}

			transform user {
				match realm local
				require mfa
			}
		}

		authorization policy admin_policy {
			set auth url https://auth.mysecretdomain.com
			allow roles authp/user
		}
	}
}

auth.mysecretdomain.com {
	authenticate with auth_portal
}

voron24.mysecretdomain.com {
	authorize with admin_policy
	reverse_proxy 192.168.2.185
}

[greenpau]

@VTopoliuk , you are setting cookie lifetime, but not token lifetime. The cookie lifetime defines the lifetime of the cookie storing the actual token. You need to set the token lifetime too.

authentication portal myportal {
  crypto default token lifetime 3600
  cookie lifetime 7200

please see #24 (comment)

[VTopoliuk]

Thank you a lot, I knew it was some stupid mistake!

[greenpau]

@VTopoliuk , please don’t hesitate asking questions. 😄

[greenpau]

@VTopoliuk , I am looking to add testimonial sections to https://authcrunch.com. Could you please write one and send it to me at greenpau@outlook.com?