From e78a93588b8e3a04f0bc3b56a4d7d8f3f9ea3c21 Mon Sep 17 00:00:00 2001 From: Steve Boyd Date: Mon, 16 Aug 2021 10:39:41 +1200 Subject: [PATCH] DOC Add session-manager to changelog --- docs/en/04_Changelogs/4.9.0.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/en/04_Changelogs/4.9.0.md b/docs/en/04_Changelogs/4.9.0.md index fba5ba140..36072b42a 100644 --- a/docs/en/04_Changelogs/4.9.0.md +++ b/docs/en/04_Changelogs/4.9.0.md @@ -4,6 +4,7 @@ - [Features and enhancements](#features-and-enhancements) - [Image lazy loading](#image-lazy-loading) + - [Manage your CMS sessions across devices](#session-manager) - [Other new features](#other-features) - [Bugfixes](#bugfixes) @@ -40,6 +41,16 @@ SilverStripe\Assets\Image: CMS authors can disable lazy loading on images added via the WYSIWYG editor in the "Edit image" panel by setting the new "Loading" field to "Eager". +### Manage your CMS sessions across devices {#session-manager} + +The [session manager module](https://github.com/silverstripe/silverstripe-session-manager) is a new security focused feature which allows a CMS user to view and manage their active sessions in the CMS within the "My profile" section of the CMS (/admin/myprofile). They can see the device details behind each session and have the ability to revoke these sessions. This new module has been added to `silverstripe/recipe-cms` which is the recommended method of managing Silverstripe CMS dependencies in a project. + +Projects that have `silverstripe/recipe-cms` as a requirement in their `composer.json` will automatically get `silverstripe/session-manager` when you run `composer update`. If your project does not use `silverstripe/recipe-cms`, it's recommended that you require `silverstripe/session-manager` in your composer file as a security enhancement. The session manager module requires no configuration and works out-of-the-box. + +If your site has the [symbiote/silverstripe-queuedjobs](https://github.com/symbiote/silverstripe-queuedjobs) module installed, then a job will automatically be created that will periodically remove old database records created by the session manager module. + +CMS users can review the [Session Manager user help](https://userhelp.silverstripe.org/en/4/managing_your_website/session_manager/) for more information on managing their sessions. + ### Other new features * [Dot notation support in form fields](https://github.com/silverstripe/silverstripe-framework/pull/9192): Save directly into nested has_one relationships (see [docs](/developer_guides/forms/how_tos/handle_nested_data)).