syncthing/lib/syncthing
Jakob Borg aa901790b9
lib/api: Save session & CSRF tokens to database, add option to stay logged in (fixes #9151) (#9284)
This adds a "token manager" which handles storing and checking expired
tokens, used for both sessions and CSRF tokens. It removes the old,
corresponding functionality for CSRFs which saved things in a file. The
result is less crap in the state directory, and active login sessions
now survive a Syncthing restart (this really annoyed me).

It also adds a boolean on login to create a longer-lived session cookie,
which is now possible and useful. Thus we can remain logged in over
browser restarts, which was also annoying... :)

<img width="1001" alt="Screenshot 2023-12-12 at 09 56 34"
src="https://github.com/syncthing/syncthing/assets/125426/55cb20c8-78fc-453e-825d-655b94c8623b">

Best viewed with whitespace-insensitive diff, as a bunch of the auth
functions became methods instead of closures which changed indentation.
2024-01-04 10:07:12 +00:00
..
auditservice_test.go all: Implement suture v4-api (#6947) 2020-11-17 13:19:04 +01:00
auditservice.go lib: Fix panic due to closed event subscriptions on shutdown (#8079) 2021-12-22 20:16:21 +01:00
debug.go lib/db: Make database GC a service, stop on Stop() (#6518) 2020-04-12 10:26:57 +02:00
globalmigrations.go lib/syncthing: Handle successful global migration (fixes #8851) (#8852) 2023-04-05 15:25:55 +02:00
superuser_unix.go all: Update build constraints to Go 1.17 style (#7894) 2021-08-17 10:10:41 +02:00
superuser_windows.go all: Fix Microsoft documentation links in code comments (#7387) 2021-02-20 14:56:45 +01:00
syncthing_test.go all: Remove usage of deprecated io/ioutil (#7971) 2021-11-22 08:59:47 +01:00
syncthing.go lib/api: Save session & CSRF tokens to database, add option to stay logged in (fixes #9151) (#9284) 2024-01-04 10:07:12 +00:00
time_android.go lib/syncthing: Set system timezone on android (#7878) 2021-08-09 09:27:14 +02:00
utils.go all: Fix various user-facing and non-user-facing typos (#8509) 2022-08-23 15:44:11 +02:00
verboseservice.go all: Remove unused method receivers (#8462) 2022-07-28 17:32:45 +02:00