feat: trusted IPs bypass admin session timeout #55

Merged

jmiller merged 4 commits from dev into main 2026-05-26 19:44:23 +00:00

Conversation 0 Commits 4 Files Changed 8

+156 -4

jmiller commented 2026-05-26 19:41:38 +00:00

Owner

Copy Link

Copy Source

Summary

• Add configurable repeatable rows of trusted IP addresses that bypass admin session timeout
• Supports exact IPs, CIDR notation (e.g. 10.0.0.0/24), and wildcard patterns (e.g. 192.168.1.*)
• Each entry has a label and enabled/disabled toggle for easy management
• New subform field in the Security tab renders as an admin table with add/remove/reorder

Files changed

• forms/trusted_ip_entry.xml -- new subform definition
• mokowaas.xml -- added trusted_ips field to security fieldset
• Extension/MokoWaaS.php -- added ipIsTrusted() + updated enforceAdminSessionTimeout()
• language/en-GB/*.ini + en-US/*.ini -- 8 new language strings
• CHANGELOG.md -- documented under Unreleased

Test plan

• Verify trusted IPs subform renders in Security tab
• Add exact IP, CIDR range, and wildcard entries
• Confirm session does not expire for matching IP
• Confirm session still expires for non-matching IP
• Toggle entry disabled and verify timeout resumes

Generated with Claude Code

## Summary - Add configurable repeatable rows of trusted IP addresses that bypass admin session timeout - Supports exact IPs, CIDR notation (e.g. 10.0.0.0/24), and wildcard patterns (e.g. 192.168.1.*) - Each entry has a label and enabled/disabled toggle for easy management - New subform field in the Security tab renders as an admin table with add/remove/reorder ## Files changed - `forms/trusted_ip_entry.xml` -- new subform definition - `mokowaas.xml` -- added trusted_ips field to security fieldset - `Extension/MokoWaaS.php` -- added `ipIsTrusted()` + updated `enforceAdminSessionTimeout()` - `language/en-GB/*.ini` + `en-US/*.ini` -- 8 new language strings - `CHANGELOG.md` -- documented under Unreleased ## Test plan - [ ] Verify trusted IPs subform renders in Security tab - [ ] Add exact IP, CIDR range, and wildcard entries - [ ] Confirm session does not expire for matching IP - [ ] Confirm session still expires for non-matching IP - [ ] Toggle entry disabled and verify timeout resumes Generated with Claude Code

jmiller added 4 commits 2026-05-26 19:41:39 +00:00

Merge pull request 'chore: cascade main → dev (a68e90d) [skip ci]' (#54) from main into dev ... 0788e8e2ab

chore: cascade main → dev [skip ci]

feat: trusted IPs bypass admin session timeout ... ad4c658b3d

Add configurable repeatable rows of trusted IP addresses that bypass
the admin session timeout. Supports exact IPs, CIDR ranges, and
wildcard patterns with per-entry labels and enabled toggles.

Authored-by: Moko Consulting
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

chore(version): auto-bump patch 02.10.05 [skip ci] d92df704c4

chore: update updates.xml (development: 02.10.05-dev) [skip ci] c97c29f9ed

jmiller merged commit a2eaf549af into main 2026-05-26 19:44:23 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

automation

Automated processes or scripts

breaking-change

Breaking API or functionality change

build

Build system changes

ci-cd

CI/CD pipeline changes

config

Configuration file changes

css

CSS/styling changes

dependencies

Dependency updates

deploy-failure

Automated deploy failure tracking

docker

Docker configuration changes

documentation

Documentation changes

dolibarr

Dolibarr module or extension

generic

Generic project or library

good first issue

Good for newcomers

health-check

Repository health check results

health: excellent

Health score 90-100

health: fair

Health score 50-69

health: good

Health score 70-89

health: poor

Health score below 50

help wanted

Extra attention needed

html

HTML template changes

javascript

JavaScript code changes

joomla

Joomla extension or component

major-release

Major version release (breaking changes)

minor-release

Minor version release (XX.YY.00)

mokostandards

MokoStandards compliance

needs-review

Awaiting code review

needs-testing

Requires manual or automated testing

patch-release

Patch version release (XX.YY.ZZ)

php

PHP code changes

priority: critical

Critical priority, must be addressed immediately

priority: high

High priority

priority: low

Low priority

priority: medium

Medium priority

push-failure

File push failure requiring attention

python

Python code changes

regression

Regression from a previous working state

release-candidate

Release candidate build

security

Security-related changes

size/l

Large change (101-300 lines)

size/m

Medium change (31-100 lines)

size/s

Small change (11-30 lines)

size/xl

Extra large change (301-1000 lines)

size/xs

Extra small change (1-10 lines)

size/xxl

Extremely large change (1000+ lines)

standards-drift

Repository drifted from MokoStandards

standards-update

MokoStandards sync update

standards-violation

Standards compliance failure

status: blocked

Blocked by another issue or dependency

status: in-progress

Currently being worked on

status: needs-review

Awaiting code review

status: on-hold

Temporarily on hold

status: pending

Pending action or decision

status: wontfix

This will not be worked on

sync-failure

Bulk sync failure requiring attention

sync-report

Bulk sync run report

template-validation-failure

Template workflow validation failure

test-failure

Automated test failure

tests

Test suite changes

type: bug

Something isn't working

type: chore

Maintenance tasks

type: enhancement

Enhancement to existing feature

type: feature

New feature or request

type: refactor

Code refactoring

type: release

Release preparation or tracking

type: test

Test suite additions or changes

type: version

Version-related change

typescript

TypeScript code changes

version

Version bump or release

version-branch

Version branch related

version-drift

Version mismatch detected

work-in-progress

Work in progress, not ready for merge

bug

Something is not working

chore

Maintenance and housekeeping

documentation

Documentation improvements

enhancement

Improvement to existing functionality

feature

New feature or request

pending: dependency

Blocked by another issue or external dependency

pending: deployment

Tested and approved, awaiting deployment to production

pending: design

Needs UI/UX or architecture design before implementation

pending: documentation

Feature works, needs documentation/wiki update

pending: feedback

Awaiting feedback or decision from stakeholder

pending: review

Implementation complete, awaiting code review

pending: testing

Feature implemented but not yet tested

priority: critical

Must fix immediately

priority: high

Should fix soon

priority: low

Nice to have

priority: medium

Fix when convenient

refactor

Code restructuring without behavior change

roadmap

Planned feature or enhancement tracked on the roadmap

scope: client

Client-specific work

scope: dolibarr

Dolibarr modules and customizations

scope: infrastructure

Server, CI, backups, monitoring

scope: joomla

Joomla templates and extensions

scope: waas

MokoWaaS platform

security

Security vulnerability or hardening

status: blocked

Waiting on external dependency

status: duplicate

Duplicate of another issue

status: in-progress

Being worked on

status: needs-review

Ready for review

status: wontfix

Will not be addressed

No labels

Milestone

No items

No Milestone

Assignees

Clear assignees

jmiller (Jonathan Miller)

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: MokoConsulting/MokoWaaS#55