feat: option to update session cookie expiry time on session refresh

ory · Nov 24, 2021 · 219d381 · 219d381
1 parent 31af257
commit 219d381
Show file tree

Hide file tree

Showing 10 changed files with 12 additions and 1 deletion.
diff --git a/consent/strategy_default.go b/consent/strategy_default.go
@@ -446,7 +446,7 @@ func (s *DefaultStrategy) verifyAuthentication(w http.ResponseWriter, r *http.Re
 		}
 	}
 
-	if !session.Remember || session.LoginRequest.Skip {
+	if !session.Remember || session.LoginRequest.Skip && !session.RefreshRememberFor {
 		// If the user doesn't want to remember the session, we do not store a cookie.
 		// If login was skipped, it means an authentication cookie was present and
 		// we don't want to touch it (in order to preserve its original expiry date)

diff --git a/consent/types.go b/consent/types.go
@@ -296,6 +296,9 @@ type HandledLoginRequest struct {
 	// authorization will be remembered for the duration of the browser session (using a session cookie).
 	RememberFor int `json:"remember_for" db:"remember_for"`
 
+	// RefreshRememberFor, if set to true, session cookie expiry time will be reset when session is refreshed.
+	RefreshRememberFor bool `json:"refresh_remember_for" db:"refresh_remember_for"`
+
 	// ACR sets the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it
 	// to express that, for example, a user authenticated using two factor authentication.
 	ACR string `json:"acr" db:"acr"`

diff --git a/...tence/sql/migrations/20211109120000000000_support_refresh_remember_for.cockroach.down.sql b/...tence/sql/migrations/20211109120000000000_support_refresh_remember_for.cockroach.down.sql
@@ -0,0 +1 @@
+ALTER TABLE hydra_oauth2_authentication_request_handled DROP COLUMN refresh_remember_for;
diff --git a/...istence/sql/migrations/20211109120000000000_support_refresh_remember_for.cockroach.up.sql b/...istence/sql/migrations/20211109120000000000_support_refresh_remember_for.cockroach.up.sql
@@ -0,0 +1 @@
+ALTER TABLE hydra_oauth2_authentication_request_handled ADD refresh_remember_for BOOLEAN NOT NULL DEFAULT FALSE;
diff --git a/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.mysql.down.sql b/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.mysql.down.sql
@@ -0,0 +1 @@
+ALTER TABLE hydra_oauth2_authentication_request_handled DROP COLUMN refresh_remember_for;
diff --git a/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.mysql.up.sql b/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.mysql.up.sql
@@ -0,0 +1 @@
+ALTER TABLE hydra_oauth2_authentication_request_handled ADD COLUMN refresh_remember_for BOOLEAN NOT NULL DEFAULT FALSE;
diff --git a/...stence/sql/migrations/20211109120000000000_support_refresh_remember_for.postgres.down.sql b/...stence/sql/migrations/20211109120000000000_support_refresh_remember_for.postgres.down.sql
@@ -0,0 +1 @@
+ALTER TABLE hydra_oauth2_authentication_request_handled DROP COLUMN refresh_remember_for;
diff --git a/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.postgres.up.sql b/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.postgres.up.sql
@@ -0,0 +1 @@
+ALTER TABLE hydra_oauth2_authentication_request_handled ADD refresh_remember_for BOOLEAN NOT NULL DEFAULT FALSE;
diff --git a/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.sqlite.down.sql b/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.sqlite.down.sql
@@ -0,0 +1 @@
+ALTER TABLE hydra_oauth2_authentication_request_handled DROP COLUMN refresh_remember_for;
diff --git a/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.sqlite.up.sql b/persistence/sql/migrations/20211109120000000000_support_refresh_remember_for.sqlite.up.sql
@@ -0,0 +1 @@
+ALTER TABLE hydra_oauth2_authentication_request_handled ADD refresh_remember_for BOOLEAN NOT NULL DEFAULT FALSE;