Is there anyway either currently or when Pipes function comes along to implement Oauth Social Login?
Failing that is it possible to turn on autocomplete or a “remember me” style checkbox for email and password (so only the login button needs pressing)?
I’m using Tadabase to create a webview Web App, and dont want the user to have to keep typing log in info, and ideally not get logged put at all since it’s operating in the guise of a native mobile app (and despite having set session expiry to not have a timeout, my test user keeps being logged out of the application).
I need a way to make login as low-effort/automated as possible.
I spoke with @moe a few days and Oauth came up in conversation. It is not currently supported however it is on the Team’s radar. No timeline able to be provided but if they work like the usually do this functionality could come soon.
In the meantime though really need to find a way to enable some kind of “Remember My Details” login check box, or something that maintains login between browser sessions…or even some kind of biometric login like accessing the finger print profile on the mobile device for authentication.
If users on a mobile have to keep typing in email and password several times per day it will quickly get tedious and become a deal breaker for them (especially on a subscription-based paid service).
Looks good, but I’ve not really got a clue where to get started with that (I can do some CSS and ready and understand what code is doing, but not much of one for repurposing or applying to something like Tadabase unfortunately).
One other thing I was looking at (given the posts above probably wouldn’t create a very secure way of doing things):
When I look at the cookies that get created, the session cookie has a 2 hour expiry (even though the site settings are for an 8 hour expiry timeframe).
Is this right? If so/not - is there anyway to control the expiry of the session cookie (assuming that is what controls when next login is required) and to extend the timeframe? Is this meant to respect the timeframe set in the app settings?
I’d love to understand a bit more of the primary concern so we can address it accordingly.
Is the main issue that you want login sessions to last longer even while not being active? Meaning, after leaving the browser and coming back it should not require you to log back in?
@moe basically yes. I’d like to see the login session authentication cookie persist for a configurable period of time so that it can live beyond the web browser session.
Ive got tadabase wrapped in an Android webview APK, so looks and feels like a native mobile application. With the way apps are handled it means the user doesnt mind logging in initially but wouldnt expect to keep doing so.
If could set the session authentication cookie or however the session is handled to have a value in days, or a remember me style check that then persists the session that would be great.
Would really like there to be a “never logout the user” function here. We actually thought this was going to be available with the “Auto logout” set to “off” but it turns out that this does not actually work. Which was super disappointing as we carved a large piece of one app into a separate, stand alone app just to allow for a lower security level for certain functions / users.
Please, please enable this “never logout” feature for those of us that have a use case for it. And, if not, then please disable the “never auto logout” selector since it does not appear to actually work and is very misleading to imply that the feature is available.
Really need this too. There is no way my warehouse and support team is going to be happy about having to login 2 to 3 times a day. It’s actually my only gripe with Tadabase. I understand having it that way for the backend. However, there should at least be an option to extend the login for the front end. 24 hours | 72 hours | 1 week? Thank you!
Any updates on this? Other apps I use will stay logged in for many days even longer. Is there no way to increase the session length? Its disruptive to me and my clients who just want to not have to worry about logging in all the time.
Longer sessions and either a MS login button or even better, SAML login via Azure are really important for me. Being able to restrict login via our AAD domain, and restricting client access via AAD guest account is my goal. I would prefer not to store any client or user passwords outside our directory. We have an entire ecosystem of web apps that seamlessly work together with a single user/password, only tadabase is the outlier