feat(session): preserve intended URL across session timeout and add expiry warning dialog
When a session expires, the user's current URL is now captured and restored after re-authentication (via remember-me cookie or manual login), instead of always redirecting to the dashboard. A JavaScript session warning dialog appears ~2 minutes before idle timeout, allowing users to extend their session with a single click. Includes open-redirect prevention via URL validation, Microsoft SSO callback support, and 33 unit tests. Refs: SESSION-REDIRECT-PRESERVE-001 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -1300,5 +1300,9 @@
|
||||
"Access and profile sync": "Zugriff und Profilabgleich",
|
||||
"Profile sync": "Profilabgleich",
|
||||
"App credentials (advanced)": "App-Anmeldedaten (Erweitert)",
|
||||
"Remember token lifetime is invalid": "Token-Lebensdauer ist ungültig"
|
||||
"Remember token lifetime is invalid": "Token-Lebensdauer ist ungültig",
|
||||
"Session expiring": "Sitzung läuft ab",
|
||||
"Your session will expire in {countdown}. Would you like to continue?": "Ihre Sitzung läuft in {countdown} ab. Möchten Sie fortfahren?",
|
||||
"Extend session": "Sitzung verlängern",
|
||||
"Log out": "Abmelden"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user