diff options
| author | Sean McGivern <sean@mcgivern.me.uk> | 2017-12-08 10:00:51 +0000 |
|---|---|---|
| committer | Sean McGivern <sean@mcgivern.me.uk> | 2017-12-08 10:00:51 +0000 |
| commit | 9429e8ac60a10436a0469d7d206d3f74a2c966c7 (patch) | |
| tree | 5109929d1dbf55a7c6ab47f54c8c8b8cca11cbc8 | |
| parent | 7fabc892f251740dbd9a4755baede662e6854870 (diff) | |
| parent | 3bf37b1ad6b7c6ef419e5abae2b4210db7da1ebd (diff) | |
| download | gitlab-ce-9429e8ac60a10436a0469d7d206d3f74a2c966c7.tar.gz | |
Merge branch 'docs/add-why-do-i-get-signed-out-authentication-section' into 'master'
Add docs explaining why you get signed out with "Remember me" checked
See merge request gitlab-org/gitlab-ce!15756
| -rw-r--r-- | changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml | 5 | ||||
| -rw-r--r-- | doc/topics/authentication/index.md | 1 | ||||
| -rw-r--r-- | doc/user/profile/index.md | 26 |
3 files changed, 31 insertions, 1 deletions
diff --git a/changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml b/changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml new file mode 100644 index 00000000000..bc245880ed0 --- /dev/null +++ b/changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml @@ -0,0 +1,5 @@ +--- +title: Add docs for why you might be signed out when using the Remember me token +merge_request: 15756 +author: +type: other diff --git a/doc/topics/authentication/index.md b/doc/topics/authentication/index.md index 597c98fbf6b..1f30909b0aa 100644 --- a/doc/topics/authentication/index.md +++ b/doc/topics/authentication/index.md @@ -6,6 +6,7 @@ This page gathers all the resources for the topic **Authentication** within GitL - [SSH](../../ssh/README.md) - [Two-Factor Authentication (2FA)](../../user/profile/account/two_factor_authentication.md#two-factor-authentication) +- [Why do I keep getting signed out?](../../user/profile/index.md#why-do-i-keep-getting-signed-out) - **Articles:** - [Support for Universal 2nd Factor Authentication - YubiKeys](https://about.gitlab.com/2016/06/22/gitlab-adds-support-for-u2f/) - [Security Webcast with Yubico](https://about.gitlab.com/2016/08/31/gitlab-and-yubico-security-webcast/) diff --git a/doc/user/profile/index.md b/doc/user/profile/index.md index 5fcc0501dc1..04e615330ce 100644 --- a/doc/user/profile/index.md +++ b/doc/user/profile/index.md @@ -1,8 +1,32 @@ # User account -When logged into their GitLab account, users can customize their +When signed into their GitLab account, users can customize their experience according to the best approach to their cases. +## Signing in + +There are several ways to sign into your GitLab account. +See the [authentication topic](../../topics/authentication/index.md) for more details. + +### Why do I keep getting signed out? + +When signing in to the main GitLab application, a `_gitlab_session` cookie is +set. `_gitlab_session` is cleared client-side when you close your browser +and expires after "Application settings -> Session duration (minutes)"/`session_expire_delay` +(defaults to `10080` minutes = 7 days). + +When signing in to the main GitLab application, you can also check the +"Remember me" option which sets the `remember_user_token` +cookie (via [`devise`](https://github.com/plataformatec/devise)). +`remember_user_token` expires after +`config/initializers/devise.rb` -> `config.remember_for` (defaults to 2 weeks). + +When the `_gitlab_session` expires or isn't available, GitLab uses the `remember_user_token` +to get you a new `_gitlab_session` and keep you signed in through browser restarts. + +After your `remember_user_token` expires and your `_gitlab_session` is cleared/expired, +you will be asked to sign in again to verify your identity (which is for security reasons). + ## Username Your `username` is a unique [`namespace`](../group/index.md#namespaces) |