conditionally set visit/login deadlines per login

[junbl]

It's fairly common for login pages to have a "keep me logged in" option. I'd love a way to do this with actix_identity.

Maybe a Identity::login_with_deadline function that would overwrite any visit/login deadline set in IdentityMiddleware? This seems difficult with the current setup, but maybe fields for per-user deadlines could be added to Identity? Then the existing enabled flags could be replaced with Option<Duration> which is either a Copy of the Duration in IdentityMiddleware or a custom one, and that's what gets checked to see if a user should be logged out (not sure if that's even possible).

Probably easier would be to provide methods to access the visit/login_deadline_enabled fields on a given identity, but to achieve the "keep logged in functionality" you'd basically just have to choose between no deadline and a short auto-logout one (ideally we could keep a default deadline even if users choose to be kept logged in).

Would love to hear what others think!

[junbl]

Just saw this session lifecycle method for SessionMiddleware. This seems perfect for this use case, if there's a way to set this per user login.