feat: implement remember-me login (Feature 023)

[Copilot]

Adds opt-in "Remember Me" checkbox to the login form. When checked, Laravel's built-in remember_token + long-lived cookie mechanism is activated via SessionOrTokenGuard (which already supports it but was never called with $remember = true).

Backend

• RequestAttribute: New REMEMBER_ME_ATTRIBUTE constant
• LoginRequest: Optional remember_me boolean validation rule + rememberMe() accessor
• AuthController::login(): Passes $remember to Auth::attempt() (local) and Auth::login() (LDAP); log messages include [remember=true/false]
• config/auth.php: 'remember' => (int) env('REMEMBER_LIFETIME', 40320) on the lychee guard (4 weeks default)

Frontend

• auth-service.ts: login() accepts rememberMe param, sends as remember_me in POST body
• LoginForm.vue: PrimeVue Checkbox below password field, only rendered inside v-if="is_basic_auth_enabled" block

Translations

• remember_me key added to all 22 lang/*/dialogs.php files with localized strings where available

Tests

• RememberMeTest: 5 cases covering cookie presence/absence, backward compat (field omitted), invalid credentials, non-boolean → 422

Conflict resolution

• Restored ALBUM_TITLE_COLOR_ATTRIBUTE, ALBUM_TITLE_POSITION_ATTRIBUTE, HEADER_PHOTO_FOCUS_ATTRIBUTE constants added to master via Album header improvements #4105

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Summary by CodeRabbit

Release Notes

• New Features

  • Added "Remember Me" checkbox to login form for persistent authentication across browser sessions (default 4-week duration).
  • Configurable login persistence duration via environment variable.

• Documentation

  • Added comprehensive feature specifications and implementation roadmap.

• Internationalization

  • Added "Remember Me" label translations for 22 languages.

• Tests

  • Added verification tests for remember-me login functionality.

[ildyria]

@coderabbitai review please.

[coderabbitai]

@ildyria: I'll review the changes in this PR right away.

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

This PR implements a "Remember Me" login feature enabling persistent authentication across the application stack. Changes include backend support (LoginRequest, AuthController, auth config), frontend UI checkbox and service updates, comprehensive documentation (spec, plan, tasks), translations across 22 languages, and feature tests validating cookie-based remember-me behavior.

Changes

Cohort / File(s)	Summary
Configuration & Constants .env.example, config/auth.php, app/Contracts/Http/Requests/RequestAttribute.php	Added REMEMBER_LIFETIME environment variable configuration (default 40320 minutes), new remember_me configuration entry under Lychee guard, and REMEMBER_ME_ATTRIBUTE constant.
Backend Authentication app/Http/Requests/Session/LoginRequest.php, app/Http/Controllers/AuthController.php	Extended LoginRequest with remember_me validation and rememberMe() method; updated AuthController login flow to accept and propagate remember flag to both LDAP and local authentication paths, including updated method signature for attemptLdapLogin.
Frontend Components & Services resources/js/components/forms/auth/LoginForm.vue, resources/js/services/auth-service.ts	Added PrimeVue Checkbox UI component for remember-me in LoginForm; extended auth-service.login method signature to accept optional rememberMe parameter and include it in POST payload.
Translation Entries lang/{ar,bg,cz,de,el,en,es,fa,fr,hu,it,ja,nl,no,pl,pt,ru,sk,sv,vi,zh_CN,zh_TW}/dialogs.php	Added remember_me translation key across 22 language files with corresponding localized labels for the login dialog.
Documentation & Specifications docs/specs/4-architecture/features/023-remember-me-login/{spec,plan,tasks}.md, docs/specs/4-architecture/{open-questions,roadmap}.md	Introduced comprehensive feature specification (vision, requirements, scenarios), implementation plan (4-increment strategy), task breakdown with verification steps, updated open questions with cookie duration decision, and roadmap reflecting new active feature.
Feature Tests tests/Feature_v2/User/RememberMeTest.php	Added RememberMeTest class with 5 test cases covering remember_me cookie presence/absence on login with various scenarios (true, false, omitted, invalid credentials, non-boolean input).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~28 minutes

Poem

🐰 A hop and a click, a checkbox so neat,
"Remember me!" the login will greet,
Four weeks of trust, from backend to view,
Across twenty-two tongues, the feature rings true,
Twenty-two lands, one remember-me dream! ✨

🚥 Pre-merge checks | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (4)

lang/cz/dialogs.php (1)

69-69: Consider adding the Czech translation.

The value is currently in English ("Remember me") rather than Czech. For consistency with other translated strings in this file (e.g., "Zavřít", "Zrušit"), consider using the Czech translation: "Zapamatuj si mě".

This is optional given the PR's scope of adding translations "where available."

💬 Suggested Czech translation

-        'remember_me' => 'Remember me',
+        'remember_me' => 'Zapamatuj si mě',

docs/specs/4-architecture/features/023-remember-me-login/tasks.md (1)

136-144: Add the required markdown footer format at the bottom.

This doc should end with an HR and *Last updated: ...* footer at the bottom (not only near the top).

As per coding guidelines "**/*.md: At the bottom of documentation files, add an hr line followed by 'Last updated: [date of the update]'."

docs/specs/4-architecture/open-questions.md (1)

1770-1776: Update the "Last updated" date.

The resolved question Q-023-01 was added after the "Last updated: 2026-01-02" line. Per documentation guidelines, update the date to reflect the latest changes (2026-02-28).

Also, per the open-questions workflow, resolved questions should be removed once the answer is captured in the spec's normative sections. Since Q-023-01's decision is now recorded in spec.md (Non-Goals, NFR-023-01), this entry could be removed entirely, or at minimum moved above the horizontal rule and timestamp.

docs/specs/4-architecture/roadmap.md (1)

103-103: Update the "Last updated" date.

The file shows "Last updated: 2026-02-26" but the changes in this PR are dated 2026-02-28. Update to reflect the current date.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a3a6645 and 388068b.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (35)

• .env.example
• app/Contracts/Http/Requests/RequestAttribute.php
• app/Http/Controllers/AuthController.php
• app/Http/Requests/Session/LoginRequest.php
• config/auth.php
• docs/specs/4-architecture/features/023-remember-me-login/plan.md
• docs/specs/4-architecture/features/023-remember-me-login/spec.md
• docs/specs/4-architecture/features/023-remember-me-login/tasks.md
• docs/specs/4-architecture/open-questions.md
• docs/specs/4-architecture/roadmap.md
• lang/ar/dialogs.php
• lang/bg/dialogs.php
• lang/cz/dialogs.php
• lang/de/dialogs.php
• lang/el/dialogs.php
• lang/en/dialogs.php
• lang/es/dialogs.php
• lang/fa/dialogs.php
• lang/fr/dialogs.php
• lang/hu/dialogs.php
• lang/it/dialogs.php
• lang/ja/dialogs.php
• lang/nl/dialogs.php
• lang/no/dialogs.php
• lang/pl/dialogs.php
• lang/pt/dialogs.php
• lang/ru/dialogs.php
• lang/sk/dialogs.php
• lang/sv/dialogs.php
• lang/vi/dialogs.php
• lang/zh_CN/dialogs.php
• lang/zh_TW/dialogs.php
• resources/js/components/forms/auth/LoginForm.vue
• resources/js/services/auth-service.ts
• tests/Feature_v2/User/RememberMeTest.php

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.35%. Comparing base (a3a6645) to head (905acf8).
⚠️ Report is 1 commits behind head on master.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.