summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSean McGivern <sean@mcgivern.me.uk>2017-12-08 10:00:51 +0000
committerSean McGivern <sean@mcgivern.me.uk>2017-12-08 10:00:51 +0000
commit9429e8ac60a10436a0469d7d206d3f74a2c966c7 (patch)
tree5109929d1dbf55a7c6ab47f54c8c8b8cca11cbc8
parent7fabc892f251740dbd9a4755baede662e6854870 (diff)
parent3bf37b1ad6b7c6ef419e5abae2b4210db7da1ebd (diff)
downloadgitlab-ce-9429e8ac60a10436a0469d7d206d3f74a2c966c7.tar.gz
Merge branch 'docs/add-why-do-i-get-signed-out-authentication-section' into 'master'
Add docs explaining why you get signed out with "Remember me" checked See merge request gitlab-org/gitlab-ce!15756
-rw-r--r--changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml5
-rw-r--r--doc/topics/authentication/index.md1
-rw-r--r--doc/user/profile/index.md26
3 files changed, 31 insertions, 1 deletions
diff --git a/changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml b/changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml
new file mode 100644
index 00000000000..bc245880ed0
--- /dev/null
+++ b/changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml
@@ -0,0 +1,5 @@
+---
+title: Add docs for why you might be signed out when using the Remember me token
+merge_request: 15756
+author:
+type: other
diff --git a/doc/topics/authentication/index.md b/doc/topics/authentication/index.md
index 597c98fbf6b..1f30909b0aa 100644
--- a/doc/topics/authentication/index.md
+++ b/doc/topics/authentication/index.md
@@ -6,6 +6,7 @@ This page gathers all the resources for the topic **Authentication** within GitL
- [SSH](../../ssh/README.md)
- [Two-Factor Authentication (2FA)](../../user/profile/account/two_factor_authentication.md#two-factor-authentication)
+- [Why do I keep getting signed out?](../../user/profile/index.md#why-do-i-keep-getting-signed-out)
- **Articles:**
- [Support for Universal 2nd Factor Authentication - YubiKeys](https://about.gitlab.com/2016/06/22/gitlab-adds-support-for-u2f/)
- [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/)
diff --git a/doc/user/profile/index.md b/doc/user/profile/index.md
index 5fcc0501dc1..04e615330ce 100644
--- a/doc/user/profile/index.md
+++ b/doc/user/profile/index.md
@@ -1,8 +1,32 @@
# User account
-When logged into their GitLab account, users can customize their
+When signed into their GitLab account, users can customize their
experience according to the best approach to their cases.
+## Signing in
+
+There are several ways to sign into your GitLab account.
+See the [authentication topic](../../topics/authentication/index.md) for more details.
+
+### Why do I keep getting signed out?
+
+When signing in to the main GitLab application, a `_gitlab_session` cookie is
+set. `_gitlab_session` is cleared client-side when you close your browser
+and expires after "Application settings -> Session duration (minutes)"/`session_expire_delay`
+(defaults to `10080` minutes = 7 days).
+
+When signing in to the main GitLab application, you can also check the
+"Remember me" option which sets the `remember_user_token`
+cookie (via [`devise`](https://github.com/plataformatec/devise)).
+`remember_user_token` expires after
+`config/initializers/devise.rb` -> `config.remember_for` (defaults to 2 weeks).
+
+When the `_gitlab_session` expires or isn't available, GitLab uses the `remember_user_token`
+to get you a new `_gitlab_session` and keep you signed in through browser restarts.
+
+After your `remember_user_token` expires and your `_gitlab_session` is cleared/expired,
+you will be asked to sign in again to verify your identity (which is for security reasons).
+
## Username
Your `username` is a unique [`namespace`](../group/index.md#namespaces)