Implement sudo mode / reauthentication (#7753)

* Implement sudo mode / reauthentication * i18n: fr * generate flags * Improvements * Remove HMAC check * Don't require reauth to access logs when signed in as admin * Notify user of bad login via notification instead --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
author: Inverle <inverle@proton.me> 2025-07-31 13:53:14 +0200
committer: GitHub <noreply@github.com> 2025-07-31 13:53:14 +0200
commit: 3ce64d271b2b470bd6c9f7294946347dcdfed9b9 (patch)
tree: 56b5a0928f1ce2b0486e866abd5456bc43ea8ed9 /config.default.php
parent: d0425f8c3ab14e72142b1a4f946d57b408f26c88 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/config.default.php b/config.default.php
index f42fdc215..c839c9a3c 100644
--- a/config.default.php
+++ b/config.default.php
@@ -59,6 +59,13 @@ return [
 	#		and in particular not protect `/FreshRSS/p/api/` if you would like to use the API (different login system).
 	'auth_type' => 'form',
 
+	# Whether reauthentication is required for performing sensitive actions e.g. promoting a user or applying an update
+	'reauth_required' => true,
+
+	# Time before asking for reauth
+	#    Default: 1200s (20 min)
+	'reauth_time' => 1200,
+
 	# When using http_auth, automatically register any unknown user
 	'http_auth_auto_register' => true,
author	Inverle <inverle@proton.me>	2025-07-31 13:53:14 +0200
committer	GitHub <noreply@github.com>	2025-07-31 13:53:14 +0200
commit	3ce64d271b2b470bd6c9f7294946347dcdfed9b9 (patch)
tree	56b5a0928f1ce2b0486e866abd5456bc43ea8ed9 /config.default.php
parent	d0425f8c3ab14e72142b1a4f946d57b408f26c88 (diff)