diff --git a/docs/configuration/optional-settings.md b/docs/configuration/optional-settings.md index 6c62fc6d1..bde911a0e 100644 --- a/docs/configuration/optional-settings.md +++ b/docs/configuration/optional-settings.md @@ -257,6 +257,16 @@ LOGGING = { --- +## LOGIN_PERSISTENCE + +Default: False + +If true, the lifetime of a user's authentication session will be automatically reset upon each valid request. For example, if [`LOGIN_TIMEOUT`](#login_timeout) is configured to 14 days (the default), and a user whose session is due to expire in five days makes a NetBox request (with a valid session cookie), the session's lifetime will be reset to 14 days. + +Note that enabling this setting causes NetBox to update a user's session in the database (or file, as configured per [`SESSION_FILE_PATH`](#session_file_path)) with each request, which may introduce significant overhead in very active environments. It also permits an active user to remain authenticated to NetBox indefinitely. + +--- + ## LOGIN_REQUIRED Default: False diff --git a/docs/release-notes/version-2.11.md b/docs/release-notes/version-2.11.md index 6eb04d9b4..8db5ccd05 100644 --- a/docs/release-notes/version-2.11.md +++ b/docs/release-notes/version-2.11.md @@ -7,6 +7,7 @@ * [#6748](https://github.com/netbox-community/netbox/issues/6748) - Add site group filter to devices list * [#6790](https://github.com/netbox-community/netbox/issues/6790) - Recognize a /32 IPv4 address as a child of a /32 IPv4 prefix * [#6872](https://github.com/netbox-community/netbox/issues/6872) - Add table configuration button to child prefixes view +* [#6929](https://github.com/netbox-community/netbox/issues/6929) - Introduce `LOGIN_PERSISTENCE` configuration parameter to persist user sessions ### Bug Fixes diff --git a/netbox/netbox/configuration.example.py b/netbox/netbox/configuration.example.py index cac4a9c85..231c2513e 100644 --- a/netbox/netbox/configuration.example.py +++ b/netbox/netbox/configuration.example.py @@ -149,6 +149,10 @@ INTERNAL_IPS = ('127.0.0.1', '::1') # https://docs.djangoproject.com/en/stable/topics/logging/ LOGGING = {} +# Automatically reset the lifetime of a valid session upon each authenticated request. Enables users to remain +# authenticated to NetBox indefinitely. +LOGIN_PERSISTENCE = False + # Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users # are permitted to access most data in NetBox (excluding secrets) but not make any changes. LOGIN_REQUIRED = False diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py index 1f3cf8049..c3e19d3a2 100644 --- a/netbox/netbox/settings.py +++ b/netbox/netbox/settings.py @@ -103,6 +103,7 @@ NAPALM_PASSWORD = getattr(configuration, 'NAPALM_PASSWORD', '') NAPALM_TIMEOUT = getattr(configuration, 'NAPALM_TIMEOUT', 30) NAPALM_USERNAME = getattr(configuration, 'NAPALM_USERNAME', '') PAGINATE_COUNT = getattr(configuration, 'PAGINATE_COUNT', 50) +LOGIN_PERSISTENCE = getattr(configuration, 'LOGIN_PERSISTENCE', False) PLUGINS = getattr(configuration, 'PLUGINS', []) PLUGINS_CONFIG = getattr(configuration, 'PLUGINS_CONFIG', {}) PREFER_IPV4 = getattr(configuration, 'PREFER_IPV4', False) @@ -251,6 +252,7 @@ CACHING_REDIS_SKIP_TLS_VERIFY = CACHING_REDIS.get('INSECURE_SKIP_TLS_VERIFY', Fa if LOGIN_TIMEOUT is not None: # Django default is 1209600 seconds (14 days) SESSION_COOKIE_AGE = LOGIN_TIMEOUT +SESSION_SAVE_EVERY_REQUEST = bool(LOGIN_PERSISTENCE) if SESSION_FILE_PATH is not None: SESSION_ENGINE = 'django.contrib.sessions.backends.file'