Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add peer login expiration #682

Merged
merged 8 commits into from
Feb 13, 2023
Merged

Add peer login expiration #682

merged 8 commits into from
Feb 13, 2023

Conversation

braginini
Copy link
Contributor

@braginini braginini commented Feb 10, 2023
edited
Loading

Describe your changes

This PR adds a peer login expiration logic that requires
peers created by a user to re-authenticate (re-login) after
a certain threshold of time (24h by default).

The Account object now has a PeerLoginExpiration
property that indicates the duration after which a peer's
login will expire and a login will be required. Defaults to 24h.

There are two new properties added to the Peer object:
LastLogin that indicates the last time peer successfully used
the Login gRPC endpoint and LoginExpirationEnabled that
enables/disables peer login expiration.

The login expiration logic applies only to peers that were created
by a user and not those that were added with a setup key.

P.S. The expiration is disabled always for now. Will be enabled in the future versions.
Next PRs:
HTTP Peer API will have a method to enable/disable expiration.
HTTP Peer API GET Peers will return the indicator that peer's login
has expired.
HTTP API for system settings to globally enable/disable expiration and set expiration duration.

Issue ticket number and link

Checklist

  • Is it a bug fix
  • Is a typo/documentation fix
  • Is a feature enhancement
  • It is a refactor
  • Created tests that fail without the change (if possible)
  • Extended the README / documentation, if necessary

@braginini braginini marked this pull request as ready for review February 13, 2023 09:09
pappz
pappz reviewed Feb 13, 2023
View reviewed changes
management/server/peer.go Show resolved Hide resolved
management/server/peer.go Show resolved Hide resolved
management/server/grpcserver.go Show resolved Hide resolved
management/server/grpcserver.go Show resolved Hide resolved
@braginini braginini merged commit 3fc8974 into main Feb 13, 2023
@braginini braginini deleted the feature/user-peer-login-expiration branch February 13, 2023 11:21
pulsastrix pushed a commit to pulsastrix/netbird that referenced this pull request Dec 24, 2023
@braginini
Add peer login expiration (netbirdio#682)
473ab5c 
This PR adds a peer login expiration logic that requires
peers created by a user to re-authenticate (re-login) after
a certain threshold of time (24h by default).

The Account object now has a PeerLoginExpiration
property that indicates the duration after which a peer's
login will expire and a login will be required. Defaults to 24h.

There are two new properties added to the Peer object:
LastLogin that indicates the last time peer successfully used
the Login gRPC endpoint and LoginExpirationEnabled that
enables/disables peer login expiration.

The login expiration logic applies only to peers that were created
by a user and not those that were added with a setup key.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pappz pappz pappz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@braginini @pappz