Clean up a couple things and fix tests
This commit is contained in:
Bradley Schofield
parent
4cfc3b3a7f
commit
e1f9a8e0ce
|
|
@ -640,7 +640,7 @@ $collections = [
|
|||
'size' => 32,
|
||||
'signed' => true,
|
||||
'required' => false,
|
||||
'default' => 525600, // 1 Year
|
||||
'default' => Auth::TOKEN_EXPIRATION_LOGIN_LONG, // 1 Year
|
||||
'array' => false,
|
||||
'filters' => [],
|
||||
],
|
||||
|
|
|
|||
|
|
@ -186,7 +186,7 @@ App::post('/v1/account/sessions/email')
|
|||
throw new Exception(Exception::USER_BLOCKED); // User is in status blocked
|
||||
}
|
||||
|
||||
$duration = ($project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
|
|
@ -528,7 +528,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
}
|
||||
|
||||
// Create session token, verify user account and update OAuth2 ID and Access Token
|
||||
$duration = ($project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
|
@ -692,6 +692,7 @@ App::post('/v1/account/sessions/magic-url')
|
|||
'userInternalId' => $user->getInternalId(),
|
||||
'type' => Auth::TOKEN_TYPE_MAGIC_URL,
|
||||
'secret' => Auth::hash($loginSecret), // One way hash encryption to protect DB leak
|
||||
'expire' => $expire,
|
||||
'userAgent' => $request->getUserAgent('UNKNOWN'),
|
||||
'ip' => $request->getIP(),
|
||||
]);
|
||||
|
|
@ -783,7 +784,7 @@ App::put('/v1/account/sessions/magic-url')
|
|||
throw new Exception(Exception::USER_INVALID_TOKEN);
|
||||
}
|
||||
|
||||
$duration = ($project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
|
@ -1020,7 +1021,7 @@ App::put('/v1/account/sessions/phone')
|
|||
throw new Exception(Exception::USER_INVALID_TOKEN);
|
||||
}
|
||||
|
||||
$duration = ($project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
|
@ -1172,7 +1173,7 @@ App::post('/v1/account/sessions/anonymous')
|
|||
])));
|
||||
|
||||
// Create session token
|
||||
$duration = ($project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
|
@ -1832,7 +1833,9 @@ App::patch('/v1/account/sessions/:sessionId')
|
|||
|
||||
$dbForProject->deleteCachedDocument('users', $user->getId());
|
||||
|
||||
$session->setAttribute('expire', $session->getCreatedAt() + $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG));
|
||||
$session->setAttribute('expire', DateTime::addSeconds(new \DateTime($session->getCreatedAt()), $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG)));
|
||||
|
||||
var_dump(DateTime::addSeconds(new \DateTime($session->getCreatedAt()), $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG)));
|
||||
|
||||
$events
|
||||
->setParam('userId', $user->getId())
|
||||
|
|
@ -1887,6 +1890,7 @@ App::delete('/v1/account/sessions')
|
|||
|
||||
if ($session->getAttribute('secret') == Auth::hash(Auth::$secret)) {
|
||||
$session->setAttribute('current', true);
|
||||
$session->setAttribute('expire', DateTime::addSeconds(new \DateTime($session->getCreatedAt()), Auth::TOKEN_EXPIRATION_LOGIN_LONG));
|
||||
|
||||
// If current session delete the cookies too
|
||||
$response
|
||||
|
|
|
|||
|
|
@ -402,7 +402,7 @@ App::patch('/v1/projects/:projectId')
|
|||
->setAttribute('legalCity', $legalCity)
|
||||
->setAttribute('legalAddress', $legalAddress)
|
||||
->setAttribute('legalTaxId', $legalTaxId)
|
||||
->setAttribute('authDuration', $authDuration)
|
||||
->setAttribute('authDuration', $authDuration * 60)
|
||||
->setAttribute('search', implode(' ', [$projectId, $name])));
|
||||
|
||||
$response->dynamic($project, Response::MODEL_PROJECT);
|
||||
|
|
|
|||
|
|
@ -732,7 +732,7 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
|
|||
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$authDuration = ($project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$authDuration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$expire = DateTime::addSeconds(new \DateTime(), $authDuration);
|
||||
$secret = Auth::tokenGenerator();
|
||||
$session = new Document(array_merge([
|
||||
|
|
@ -742,7 +742,6 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
|
|||
'provider' => Auth::SESSION_PROVIDER_EMAIL,
|
||||
'providerUid' => $user->getAttribute('email'),
|
||||
'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
|
||||
'expire' => $expire,
|
||||
'userAgent' => $request->getUserAgent('UNKNOWN'),
|
||||
'ip' => $request->getIP(),
|
||||
'countryCode' => ($record) ? \strtolower($record['country']['iso_code']) : '--',
|
||||
|
|
|
|||
|
|
@ -917,7 +917,7 @@ App::setResource('console', function () {
|
|||
'legalCity' => '',
|
||||
'legalAddress' => '',
|
||||
'legalTaxId' => '',
|
||||
'authDuration' => 525600, // 1 Year in minutes
|
||||
'authDuration' => Auth::TOKEN_EXPIRATION_LOGIN_LONG, // 1 Year in seconds
|
||||
'auths' => [
|
||||
'limit' => (App::getEnv('_APP_CONSOLE_WHITELIST_ROOT', 'enabled') === 'enabled') ? 1 : 0, // limit signup to 1 user
|
||||
],
|
||||
|
|
|
|||
|
|
@ -103,7 +103,7 @@ class Project extends Model
|
|||
])
|
||||
->addRule('authDuration', [
|
||||
'type' => self::TYPE_STRING,
|
||||
'description' => 'Session duration in minutes.',
|
||||
'description' => 'Session duration in seconds.',
|
||||
'default' => '',
|
||||
'example' => '30',
|
||||
])
|
||||
|
|
|
|||
|
|
@ -418,7 +418,7 @@ class ProjectsConsoleClientTest extends Scope
|
|||
$this->assertArrayHasKey('platforms', $response['body']);
|
||||
$this->assertArrayHasKey('webhooks', $response['body']);
|
||||
$this->assertArrayHasKey('keys', $response['body']);
|
||||
$this->assertEquals(1, $response['body']['authDuration']);
|
||||
$this->assertEquals(60, $response['body']['authDuration']);
|
||||
|
||||
$projectId = $response['body']['$id'];
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue