sascha
/
Notes
mirror of https://github.com/TriliumNext/Notes
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs(user): describe session management

pull/2248/head
Elian Doran 2025-06-07 12:35:36 +07:00
parent af698550fd
commit 4fd99e1728
No known key found for this signature in database
7 changed files with 149 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/server/src/assets/doc_notes/en/User Guide/!!!meta.json generated vendored
View File

File diff suppressed because one or more lines are too long

5
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Advanced Usage/Metrics.html generated vendored
Unescape Escape View File

@ -80,15 +80,13 @@ trilium_notes_total 1234 1701432000
<li><code>401</code> - Missing or invalid ETAPI token</li>
<li><code>500</code> - Internal server error</li>
</ul>
<p>&nbsp;</p>
<h2><strong>Grafana Dashboard</strong></h2>
<figure class="image">
<img style="aspect-ratio:2594/1568;" src="1_Metrics_image.png" width="2594"
height="1568">
</figure>
<p>&nbsp;</p>
<p>You can also use the Grafana Dashboard that has been created for TriliumNext
- just take the JSON from&nbsp;<a class="reference-link" href="#root/pOsGYCXsbNQG/tC7s2alapj8V/uYF7pmepw27K/_help_bOP3TB56fL1V">grafana-dashboard.json</a>&nbsp;and
- just take the JSON from&nbsp;<a class="reference-link" href="#root/_help_bOP3TB56fL1V">grafana-dashboard.json</a>&nbsp;and
then import the dashboard, following these screenshots:</p>
<figure class="image">
<img style="aspect-ratio:1881/282;" src="2_Metrics_image.png" width="1881"
@ -99,4 +97,3 @@ trilium_notes_total 1234 1701432000
<img style="aspect-ratio:1055/830;" src="Metrics_image.png" width="1055"
height="830">
</figure>
<p>&nbsp;</p>

5
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation.html generated vendored
Unescape Escape View File

@ -46,10 +46,7 @@
variable to something larger than the integer <code>250</code> (e.g. <code>450</code> in
the following example):</p><pre><code class="language-text-x-trilium-auto">export MAX_ALLOWED_FILE_SIZE_MB=450</code></pre>
<h3>Disabling Authentication</h3>
<p>If you are running Trilium on localhost only or if authentication is handled
by another component, you can disable Triliums authentication by adding
the following to <code>config.ini</code>:</p><pre><code class="language-text-x-trilium-auto">[General]
noAuthentication=true</code></pre>
<p>See&nbsp;<a class="reference-link" href="#root/pOsGYCXsbNQG/Otzi9La2YAUX/_help_0hzsNCP31IAB">Authentication</a>.</p>
<h2>Reverse Proxy Setup</h2>
<p>To configure a reverse proxy for Trilium, you can use either <strong>nginx</strong> or <strong>Apache</strong>.
You can also check out the documentation stored in the Reverse proxy folder.</p>

35
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/Authentication.html generated vendored
Unescape Escape View File

@ -0,0 +1,35 @@
<h2>Disabling authentication</h2>
<p>If you are running Trilium on <code>localhost</code> only or if authentication
is handled by another component, you can disable Triliums authentication
by adding the following to <code>config.ini</code>:</p><pre><code class="language-text-x-trilium-auto">[General]
noAuthentication=true</code></pre>
<p>Disabling authentication will bypass even the&nbsp;<a class="reference-link"
href="#root/pOsGYCXsbNQG/Otzi9La2YAUX/WOcw2SLH6tbX/_help_7DAiwaf8Z7Rz">Multi-Factor Authentication</a>&nbsp;since
v0.94.1.</p>
<h2>Understanding how the session works</h2>
<p>Once logged into Trilium, the application will store this information
about the login into a cookie on the browser, but also as a session on
the server.</p>
<p>If “Remember me” is checked, then the login will expire in 21 days. This
period can be adjusted by modifying the <code>Session.cookieMaxAge</code> value
in <code>config.ini</code>. For example, to have the session expire in one
day:</p><pre><code class="language-text-x-trilium-auto">[Session]
cookieMaxAge=86400</code></pre>
<p>When “Remember me” is unchecked, the behavior is different. At client/browser
level the authentication does not have any expiration date, but it will
be automatically cleared as soon as the user closes the browser. Nevertheless,
the server will also dismiss this authentication in around 24 hours from
the <em>last interaction with the application</em>.</p>
<h2>Viewing active sessions</h2>
<p>The login sessions are now stored in the same&nbsp;<a class="reference-link"
href="#root/pOsGYCXsbNQG/tC7s2alapj8V/_help_wX4HbRucYSDD">Database</a>&nbsp;as
the user data. In order to view which sessions are active, open the&nbsp;
<a
class="reference-link" href="#root/pOsGYCXsbNQG/tC7s2alapj8V/wX4HbRucYSDD/oyIAJ9PvvwHX/_help_YKWqdJhzi2VY">SQL Console</a>&nbsp;and run the following query:</p><pre><code class="language-text-x-sqlite-schema-trilium">SELECT * FROM sessions</code></pre>
<p>Expired sessions are periodically cleaned by the server, generally an
hourly interval.</p>
<h2>See also</h2>
<ul>
<li><a class="reference-link" href="#root/pOsGYCXsbNQG/Otzi9La2YAUX/WOcw2SLH6tbX/_help_7DAiwaf8Z7Rz">Multi-Factor Authentication</a>
</li>
</ul>

79
docs/User Guide/!!!meta.json vendored
Unescape Escape View File

@ -199,6 +199,13 @@
"value": "server-installation",
"isInheritable": false,
"position": 30
},
{
"type": "relation",
"name": "internalLink",
"value": "0hzsNCP31IAB",
"isInheritable": false,
"position": 130
}
],
"format": "markdown",
@ -650,6 +657,55 @@
"dataFileName": "TLS Configuration.md",
"attachments": []
},
{
"isClone": false,
"noteId": "0hzsNCP31IAB",
"notePath": [
"pOsGYCXsbNQG",
"Otzi9La2YAUX",
"WOcw2SLH6tbX",
"0hzsNCP31IAB"
],
"title": "Authentication",
"notePosition": 110,
"prefix": null,
"isExpanded": false,
"type": "text",
"mime": "text/html",
"attributes": [
{
"type": "label",
"name": "iconClass",
"value": "bx bx-lock-alt",
"isInheritable": false,
"position": 10
},
{
"type": "relation",
"name": "internalLink",
"value": "7DAiwaf8Z7Rz",
"isInheritable": false,
"position": 20
},
{
"type": "relation",
"name": "internalLink",
"value": "wX4HbRucYSDD",
"isInheritable": false,
"position": 30
},
{
"type": "relation",
"name": "internalLink",
"value": "YKWqdJhzi2VY",
"isInheritable": false,
"position": 40
}
],
"format": "markdown",
"dataFileName": "Authentication.md",
"attachments": []
},
{
"isClone": false,
"noteId": "7DAiwaf8Z7Rz",
@ -660,7 +716,7 @@
"7DAiwaf8Z7Rz"
],
"title": "Multi-Factor Authentication",
"notePosition": 110,
"notePosition": 120,
"prefix": null,
"isExpanded": false,
"type": "text",
@ -686,6 +742,13 @@
"value": "",
"isInheritable": false,
"position": 20
},
{
"type": "label",
"name": "iconClass",
"value": "bx bx-stopwatch",
"isInheritable": false,
"position": 30
}
],
"format": "markdown",
@ -10729,18 +10792,18 @@
"mime": "text/html",
"attributes": [
{
"type": "label",
"name": "iconClass",
"value": "bx bxs-data",
"type": "relation",
"name": "internalLink",
"value": "bOP3TB56fL1V",
"isInheritable": false,
"position": 10
},
{
"type": "relation",
"name": "internalLink",
"value": "bOP3TB56fL1V",
"type": "label",
"name": "iconClass",
"value": "bx bxs-data",
"isInheritable": false,
"position": 20
"position": 10
}
],
"format": "markdown",

7
docs/User Guide/User Guide/Installation & Setup/Server Installation.md vendored
Unescape Escape View File

@ -46,12 +46,7 @@ export MAX_ALLOWED_FILE_SIZE_MB=450
### Disabling Authentication
If you are running Trilium on localhost only or if authentication is handled by another component, you can disable Triliums authentication by adding the following to `config.ini`:
```
[General]
noAuthentication=true
```
See <a class="reference-link" href="Server%20Installation/Authentication.md">Authentication</a>.
## Reverse Proxy Setup

38
docs/User Guide/User Guide/Installation & Setup/Server Installation/Authentication.md vendored
Unescape Escape View File

@ -0,0 +1,38 @@
# Authentication
## Disabling authentication
If you are running Trilium on `localhost` only or if authentication is handled by another component, you can disable Triliums authentication by adding the following to `config.ini`:
```
[General]
noAuthentication=true
```
Disabling authentication will bypass even the <a class="reference-link" href="Multi-Factor%20Authentication.md">Multi-Factor Authentication</a> since v0.94.1.
## Understanding how the session works
Once logged into Trilium, the application will store this information about the login into a cookie on the browser, but also as a session on the server.
If “Remember me” is checked, then the login will expire in 21 days. This period can be adjusted by modifying the `Session.cookieMaxAge` value in `config.ini`. For example, to have the session expire in one day:
```
[Session]
cookieMaxAge=86400
```
When “Remember me” is unchecked, the behavior is different. At client/browser level the authentication does not have any expiration date, but it will be automatically cleared as soon as the user closes the browser. Nevertheless, the server will also dismiss this authentication in around 24 hours from the _last interaction with the application_.
## Viewing active sessions
The login sessions are now stored in the same <a class="reference-link" href="../../Advanced%20Usage/Database.md">Database</a> as the user data. In order to view which sessions are active, open the <a class="reference-link" href="../../Advanced%20Usage/Database/Manually%20altering%20the%20database/SQL%20Console.md">SQL Console</a> and run the following query:
```trilium
SELECT * FROM sessions
```
Expired sessions are periodically cleaned by the server, generally an hourly interval.
## See also
* <a class="reference-link" href="Multi-Factor%20Authentication.md">Multi-Factor Authentication</a>