admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2022-02-11 17:56:34 +00:00
parent d7aebe56bf
commit 370faf5c83
2 changed files with 31 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/8.0/ayanova/docs/adm-users.md
View File

@@ -128,7 +128,7 @@ This read only field shows the most recent date and time this User logged in.
The active field controls whether a User is enabled in AyaNova. Inactive Users can not log in and their name is not offered in selection lists for new records by default.
##### Revoking access / locking out Users
##### Revoking access and locking out Users
Only active Users can login. If a User is set to inactive their authentication token is immediately revoked and even if they are currently logged in they will be logged out the moment they attempt any operation in AyaNova that needs to connect with the server or when the web application attempts to connect behind the scenes to check for notifications as it periodically does.

32
docs/8.0/ayanova/docs/ay-start-login.md
View File

@@ -10,11 +10,39 @@ If AyaNova is in trial mode for testing there will be a [sample user select list
At the bottom of the login form is a link to the AyaNova website displayed as the version and copyright information for the AyaNova app.
## Login token
When you log in, the AyaNova server issues a time limited authentication token used to grant access.
Logging in again as the same User automatically invalidates the previous login token issued for that User.
If you are logged in and working and another user logs in with your account, you will be unable to continue working.
## Authentication period
To avoid disruption you should log out at the end of each work day and log in at the start of each work day.
When you login to AyaNova, the server issues you an authentication token that is valid for **5 days**.
After 5 days the token will expire and AyaNova will automatically redirect to the login page.
If you are in the middle of entering data in a form, that work will be lost if the token is allowed to expire.
## Revoking access and locking out a User
A User's authentication token can be [revoked at any time](adm-users.md#revoking-access-and-locking-out-users) locking them out immediately.
## Loss of authentication on server restart
If the Users are forced to re-login any time the AyaNova server is restarted the [JWT Secret setting](ops-config-jwt-secret.md) was probably not set as recommended during installation and should be verified.
If this setting is configured properly Users will be able to continue working after the server is restarted without the need to log back in again.
## Logout
Technically it is unnecessary to logout unless you need to re-login as another user however some cached data is cleared on logout.
Technically it is unnecessary to logout, you can also just close the browser page, however some clean up is done on log out to free up browser storage space.
Log out from the bottom of the Navigation bar menu.
Log out by clicking on the _Log out_ button at the bottom of the [Navigation drawer](ay-start-form-overview.md#navigation-drawer).
## Resetting cached data