Mailcow Login Authentication Validity Period?

1n5

Ever since the change to where all authentication must be through Mailcow’s login system, (which went amazingly smooth, by the way) my users have been complaining that their authentication is only valid for a single day, and they have to login each time. Previously, the SoGo login would last maybe a week or so, maybe longer before expiring, and requiring a re-login.

I took a look, and the cookies are set with “max-age” of “session”, which is what I am assuming is doing this.

Is there a way I can change the validity of the login? I skimmed through the config files I thought would be related and didn’t see anything that seemed like it would be related.

I forgot to add, this is with local, Mailcow-based Identities. No external IDP is involved.

D4niel

Have you already tried here? https://docs.mailcow.email/manual-guides/mailcow-UI/u_e-mailcow_ui-config/

1n5

Thanks. I think I did look in there, but I did not see that documentation page, so only skimmed the file, and must have missed it.

For others: I edited data/web/inc/vars.local.inc.php and saw $SESSION_LIFETIME was set to 2 hours. I do seem to get more than 2 hours, so that’s a bit odd, but I have set it to 6 hours, and am testing what results this gives.

There is a $ACCESS_TOKEN_LIFETIME which is set to exactly one day, but that should only be for OAuth2.

1n5

Just to completely resolve and explain my issue and solution to future searchers:

$SESSION_LIFETIME was the variable that needed changed, and I tested increasing it to 2 days, and was successful. Longer periods appear to work as well.

It is a little interesting that the default value for $SESSION_LIFETIME is only 2 hours, and yet sessions were lasting longer than 2 hours, but setting it to a longer period does work, so…..

D4niel

Depends on how “session” is defined. If you open the tab again within the lifetime, the time of the existing session could be extended by two hours.