Add remember me checkbox, center and narrow sign-in form

- Add "Remember me for 30 days" checkbox (30-day vs 24-hour session expiry) - Center heading and constrain form width to max-w-md - Preserve remember_me preference through TOTP and WebAuthn auth flows Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 11:22:51 +10:00
parent 2235924f37
commit 9197524c88
4 changed files with 29 additions and 9 deletions
--- a/app/controllers/concerns/authentication.rb
+++ b/app/controllers/concerns/authentication.rb
@@ -43,9 +43,9 @@ module Authentication
    session.delete(:return_to_after_authenticating) || root_url
  end

-  def start_new_session_for(user, acr: "1")
+  def start_new_session_for(user, acr: "1", remember_me: false)
    user.update!(last_sign_in_at: Time.current)
-    user.sessions.create!(user_agent: request.user_agent, ip_address: request.remote_ip, acr: acr).tap do |session|
+    user.sessions.create!(user_agent: request.user_agent, ip_address: request.remote_ip, acr: acr, remember_me: remember_me).tap do |session|
      Current.session = session

      # Extract root domain for cross-subdomain cookies (required for forward auth)