Commit bd4314e9 authored by =Corey Hulen's avatar =Corey Hulen

PLT-1558 adding session length to config file

parent e432b666
......@@ -523,6 +523,13 @@ func GetSession(token string) *model.Session {
l4g.Error("Invalid session token=" + token + ", err=" + sessionResult.Err.DetailedError)
} else {
session = sessionResult.Data.(*model.Session)
if session.IsExpired() {
return nil
} else {
AddSessionToCache(session)
return session
}
}
}
......@@ -553,5 +560,5 @@ func FindMultiSessionForTeamId(r *http.Request, teamId string) (int64, *model.Se
}
func AddSessionToCache(session *model.Session) {
sessionCache.Add(session.Token, session)
sessionCache.AddWithExpiresInSecs(session.Token, session, int64(*utils.Cfg.ServiceSettings.SessionCacheInMinutes*60))
}
......@@ -492,11 +492,11 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
session := &model.Session{UserId: user.Id, TeamId: user.TeamId, Roles: user.Roles, DeviceId: deviceId, IsOAuth: false}
maxAge := model.SESSION_TIME_WEB_IN_SECS
maxAge := *utils.Cfg.ServiceSettings.SessionLengthWebInDays * 60 * 60 * 24
if len(deviceId) > 0 {
session.SetExpireInDays(model.SESSION_TIME_MOBILE_IN_DAYS)
maxAge = model.SESSION_TIME_MOBILE_IN_SECS
session.SetExpireInDays(*utils.Cfg.ServiceSettings.SessionLengthMobileInDays)
maxAge = *utils.Cfg.ServiceSettings.SessionLengthMobileInDays * 60 * 60 * 24
// A special case where we logout of all other sessions with the same Id
if result := <-Srv.Store.Session().GetSessions(user.Id); result.Err != nil {
......@@ -518,7 +518,7 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
}
} else {
session.SetExpireInDays(model.SESSION_TIME_WEB_IN_DAYS)
session.SetExpireInDays(*utils.Cfg.ServiceSettings.SessionLengthWebInDays)
}
ua := user_agent.New(r.UserAgent())
......
......@@ -11,7 +11,11 @@
"EnablePostIconOverride": false,
"EnableTesting": false,
"EnableDeveloper": false,
"EnableSecurityFixAlert": true
"EnableSecurityFixAlert": true,
"SessionLengthWebInDays" : 30,
"SessionLengthMobileInDays" : 30,
"SessionLengthSSOInDays" : 30,
"SessionCacheInMinutes" : 10
},
"TeamSettings": {
"SiteName": "Mattermost",
......
......@@ -11,7 +11,11 @@
"EnablePostIconOverride": false,
"EnableTesting": false,
"EnableDeveloper": false,
"EnableSecurityFixAlert": true
"EnableSecurityFixAlert": true,
"SessionLengthWebInDays" : 30,
"SessionLengthMobileInDays" : 30,
"SessionLengthSSOInDays" : 30,
"SessionCacheInMinutes" : 10
},
"TeamSettings": {
"SiteName": "Mattermost",
......
......@@ -11,7 +11,11 @@
"EnablePostIconOverride": false,
"EnableTesting": false,
"EnableDeveloper": false,
"EnableSecurityFixAlert": true
"EnableSecurityFixAlert": true,
"SessionLengthWebInDays" : 30,
"SessionLengthMobileInDays" : 30,
"SessionLengthSSOInDays" : 30,
"SessionCacheInMinutes" : 10
},
"TeamSettings": {
"SiteName": "Mattermost",
......
......@@ -114,7 +114,7 @@ func manualTest(c *api.Context, w http.ResponseWriter, r *http.Request) {
Name: model.SESSION_COOKIE_TOKEN,
Value: client.AuthToken,
Path: "/",
MaxAge: model.SESSION_TIME_WEB_IN_SECS,
MaxAge: *utils.Cfg.ServiceSettings.SessionLengthWebInDays * 60 * 60 * 24,
HttpOnly: true,
}
http.SetCookie(w, sessionCookie)
......
......@@ -36,6 +36,10 @@ type ServiceSettings struct {
EnableTesting bool
EnableDeveloper *bool
EnableSecurityFixAlert *bool
SessionLengthWebInDays *int
SessionLengthMobileInDays *int
SessionLengthSSOInDays *int
SessionCacheInMinutes *int
}
type SSOSettings struct {
......@@ -306,6 +310,26 @@ func (o *Config) SetDefaults() {
o.LdapSettings.Enable = new(bool)
*o.LdapSettings.Enable = false
}
if o.ServiceSettings.SessionLengthWebInDays == nil {
o.ServiceSettings.SessionLengthWebInDays = new(int)
*o.ServiceSettings.SessionLengthWebInDays = 30
}
if o.ServiceSettings.SessionLengthMobileInDays == nil {
o.ServiceSettings.SessionLengthMobileInDays = new(int)
*o.ServiceSettings.SessionLengthMobileInDays = 30
}
if o.ServiceSettings.SessionLengthSSOInDays == nil {
o.ServiceSettings.SessionLengthSSOInDays = new(int)
*o.ServiceSettings.SessionLengthSSOInDays = 30
}
if o.ServiceSettings.SessionCacheInMinutes == nil {
o.ServiceSettings.SessionCacheInMinutes = new(int)
*o.ServiceSettings.SessionCacheInMinutes = 10
}
}
func (o *Config) IsValid() *AppError {
......
......@@ -9,18 +9,18 @@ import (
)
const (
SESSION_COOKIE_TOKEN = "MMTOKEN"
SESSION_TIME_WEB_IN_DAYS = 30
SESSION_TIME_WEB_IN_SECS = 60 * 60 * 24 * SESSION_TIME_WEB_IN_DAYS
SESSION_TIME_MOBILE_IN_DAYS = 30
SESSION_TIME_MOBILE_IN_SECS = 60 * 60 * 24 * SESSION_TIME_MOBILE_IN_DAYS
SESSION_TIME_OAUTH_IN_DAYS = 365
SESSION_TIME_OAUTH_IN_SECS = 60 * 60 * 24 * SESSION_TIME_OAUTH_IN_DAYS
SESSION_CACHE_IN_SECS = 60 * 10
SESSION_CACHE_SIZE = 10000
SESSION_PROP_PLATFORM = "platform"
SESSION_PROP_OS = "os"
SESSION_PROP_BROWSER = "browser"
SESSION_COOKIE_TOKEN = "MMTOKEN"
// SESSION_TIME_WEB_IN_DAYS = 30
// SESSION_TIME_WEB_IN_SECS = 60 * 60 * 24 * SESSION_TIME_WEB_IN_DAYS
// SESSION_TIME_MOBILE_IN_DAYS = 30
// SESSION_TIME_MOBILE_IN_SECS = 60 * 60 * 24 * SESSION_TIME_MOBILE_IN_DAYS
// SESSION_TIME_OAUTH_IN_DAYS = 365
// SESSION_TIME_OAUTH_IN_SECS = 60 * 60 * 24 * SESSION_TIME_OAUTH_IN_DAYS
// SESSION_CACHE_IN_SECS = 60 * 10
SESSION_CACHE_SIZE = 10000
SESSION_PROP_PLATFORM = "platform"
SESSION_PROP_OS = "os"
SESSION_PROP_BROWSER = "browser"
)
type Session struct {
......@@ -89,8 +89,8 @@ func (me *Session) IsExpired() bool {
return false
}
func (me *Session) SetExpireInDays(days int64) {
me.ExpiresAt = GetMillis() + (1000 * 60 * 60 * 24 * days)
func (me *Session) SetExpireInDays(days int) {
me.ExpiresAt = GetMillis() + (1000 * 60 * 60 * 24 * int64(days))
}
func (me *Session) AddProp(key string, value string) {
......
......@@ -991,7 +991,7 @@ func getAccessToken(c *api.Context, w http.ResponseWriter, r *http.Request) {
return
}
accessRsp := &model.AccessResponse{AccessToken: session.Token, TokenType: model.ACCESS_TOKEN_TYPE, ExpiresIn: model.SESSION_TIME_OAUTH_IN_SECS}
accessRsp := &model.AccessResponse{AccessToken: session.Token, TokenType: model.ACCESS_TOKEN_TYPE, ExpiresIn: int32(*utils.Cfg.ServiceSettings.SessionLengthSSOInDays * 60 * 60 * 24)}
w.Header().Set("Content-Type", "application/json")
w.Header().Set("Cache-Control", "no-store")
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment