mirror of
https://github.com/coder/coder.git
synced 2025-07-03 16:13:58 +00:00
f569d9c33d
# Add separate token lifetime limits for administrators This PR introduces a new configuration option `--max-admin-token-lifetime` that allows administrators to create API tokens with longer lifetimes than regular users. By default, administrators can create tokens with a lifetime of up to 7 days (168 hours), while the existing `--max-token-lifetime` setting continues to apply to regular users. The implementation: - Adds a new `MaximumAdminTokenDuration` field to the session configuration - Modifies the token validation logic to check the user's role and apply the appropriate lifetime limit - Updates the token configuration endpoint to return the correct maximum lifetime based on the user's role - Adds tests to verify that administrators can create tokens with longer and shorter lifetimes - Updates documentation and help text to reflect the new option This change allows organizations to grant administrators extended token lifetimes while maintaining tighter security controls for regular users. Fixes #17395