Fix session expiration
parent
a80da7526d
commit
dd99ab7b00
|
@ -790,9 +790,11 @@ App::setResource('user', function ($mode, $project, $console, $request, $respons
|
|||
Authorization::setDefaultStatus(true);
|
||||
|
||||
Auth::setCookieName('a_session_' . $project->getId());
|
||||
$authDuration = $project->getAttribute('auths', [])['duration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
|
||||
if (APP_MODE_ADMIN === $mode) {
|
||||
Auth::setCookieName('a_session_' . $console->getId());
|
||||
$authDuration = Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
}
|
||||
|
||||
$session = Auth::decodeSession(
|
||||
|
@ -829,8 +831,6 @@ App::setResource('user', function ($mode, $project, $console, $request, $respons
|
|||
$user = $dbForConsole->getDocument('users', Auth::$unique);
|
||||
}
|
||||
|
||||
$authDuration = $project->getAttribute('auths', [])['duration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
|
||||
if (
|
||||
$user->isEmpty() // Check a document has been found in the DB
|
||||
|| !Auth::sessionVerify($user->getAttribute('sessions', []), Auth::$secret, $authDuration)
|
||||
|
|
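Review bot: The duration read with `$project->getAttribute('auths', [])['duration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG` reaches `Auth::sessionVerify` with no type or range check. The `??` fallback only covers a missing or null entry, so a stored `0`, a negative number or a non-numeric value would be used as the session lifetime as-is. Unless the setting is already validated where it is written (not visible here), normalise it right after the lookup, e.g. `$authDuration = (int) $authDuration;` followed by `if ($authDuration <= 0) { $authDuration = Auth::TOKEN_EXPIRATION_LOGIN_LONG; }`. The same lookup is repeated in the worker's `deleteExpiredSessions`, so a shared helper would keep the request-time check and the cleanup cutoff from drifting apart. The closure passed to `App::setResource('user', ...)` starts and ends outside these hunks.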
|
@ -98,7 +98,6 @@ $cli
|
|||
{
|
||||
(new Delete())
|
||||
->setType(DELETE_TYPE_SESSIONS)
|
||||
->setDatetime(DateTime::addSeconds(new \DateTime(), -1 * Auth::TOKEN_EXPIRATION_LOGIN_LONG)) //TODO: Update to use project session expiration instead of default.
|
||||
->trigger();
|
||||
}
|
||||
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
<?php
|
||||
|
||||
use Appwrite\Auth\Auth;
|
||||
use Utopia\App;
|
||||
use Utopia\Cache\Adapter\Filesystem;
|
||||
use Utopia\Cache\Cache;
|
||||
|
@ -13,6 +14,7 @@ use Utopia\Abuse\Abuse;
|
|||
use Utopia\Abuse\Adapters\TimeLimit;
|
||||
use Utopia\CLI\Console;
|
||||
use Utopia\Audit\Audit;
|
||||
use Utopia\Database\DateTime;
|
||||
|
||||
require_once __DIR__ . '/../init.php';
|
||||
|
||||
|
@ -96,7 +98,7 @@ class DeletesV1 extends Worker
|
|||
break;
|
||||
|
||||
case DELETE_TYPE_SESSIONS:
|
||||
$this->deleteExpiredSessions($this->args['datetime']);
|
||||
$this->deleteExpiredSessions();
|
||||
break;
|
||||
|
||||
case DELETE_TYPE_CERTIFICATES:
|
||||
|
@ -105,7 +107,7 @@ class DeletesV1 extends Worker
|
|||
break;
|
||||
|
||||
case DELETE_TYPE_USAGE:
|
||||
$this->deleteUsageStats($this->args['dateTime1d'], $this->args['hourlyUsageRetentionDatetime']);
|
||||
$this->deleteUsageStats($this->args['hourlyUsageRetentionDatetime']);
|
||||
break;
|
||||
|
||||
case DELETE_TYPE_CACHE_BY_RESOURCE:
|
||||
|
@ -214,7 +216,6 @@ class DeletesV1 extends Worker
|
|||
}
|
||||
|
||||
/**
|
||||
* @param string $datetime1d
|
||||
* @param string $hourlyUsageRetentionDatetime
|
||||
*/
|
||||
protected function deleteUsageStats(string $hourlyUsageRetentionDatetime)
|
||||
|
@ -316,16 +317,20 @@ class DeletesV1 extends Worker
|
|||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $datetime
|
||||
*/
|
||||
protected function deleteExpiredSessions(string $datetime): void
|
||||
protected function deleteExpiredSessions(): void
|
||||
{
|
||||
$this->deleteForProjectIds(function (string $projectId) use ($datetime) {
|
||||
$consoleDB = $this->getConsoleDB();
|
||||
|
||||
$this->deleteForProjectIds(function (string $projectId) use ($consoleDB) {
|
||||
$dbForProject = $this->getProjectDB($projectId);
|
||||
|
||||
$project = $consoleDB->getDocument('projects', $projectId);
|
||||
$duration = $project->getAttribute('auths', [])['duration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$expired = DateTime::addSeconds(new \DateTime(), -1 * $duration);
|
||||
|
||||
// Delete Sessions
|
||||
$this->deleteByGroup('sessions', [
|
||||
Query::lessThan('expire', $datetime)
|
||||
Query::lessThan('$createdAt', $expired)
|
||||
], $dbForProject);
|
||||
});
|
||||
}
|
||||
|
|
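Review bot: In `deleteExpiredSessions`, the document returned by `$consoleDB->getDocument('projects', $projectId)` is used without an `isEmpty()` check, so a project id with no console document silently falls back to `Auth::TOKEN_EXPIRATION_LOGIN_LONG`. Either skip such projects explicitly or add a comment saying the fallback is intended. The cutoff is now computed from `$createdAt` and the project's current duration instead of the stored `expire` value, so changing the setting retroactively changes which existing sessions are purged. A comment above the query would make that explicit, e.g. `// Expiry is derived from creation time and the project's current session duration`. If the console project's own sessions also pass through `deleteForProjectIds` (not visible here), confirm they are purged on the same duration the request path uses in admin mode, which is the constant rather than the project attribute.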