Add max session duration
parent
777b8814f5
commit
ce220c52f7
@ -9,10 +9,13 @@ pub const DEFAULT_ADMIN_PASSWORD: &str = "admin";
|
|||||||
pub const APP_NAME: &str = "Basic OIDC";
|
pub const APP_NAME: &str = "Basic OIDC";
|
||||||
|
|
||||||
/// Maximum session duration after inactivity, in seconds
|
/// Maximum session duration after inactivity, in seconds
|
||||||
pub const MAX_SESSION_DURATION: u64 = 60 * 30;
|
pub const MAX_INACTIVITY_DURATION: u64 = 60 * 30;
|
||||||
|
|
||||||
/// Minimum interval between each last activity record in session
|
/// Minimum interval between each last activity record in session
|
||||||
pub const MIN_ACTIVITY_RECORD_TIME: u64 = 10;
|
pub const MIN_ACTIVITY_RECORD_TIME: u64 = 10;
|
||||||
|
|
||||||
/// Minimum password length
|
/// Minimum password length
|
||||||
pub const MIN_PASS_LEN: usize = 4;
|
pub const MIN_PASS_LEN: usize = 4;
|
||||||
|
|
||||||
|
/// Maximum session duration (6 hours)
|
||||||
|
pub const MAX_SESSION_DURATION: u64 = 3600 * 6;
|
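Review bot: `MAX_SESSION_DURATION` keeps its name but changes meaning, from the 30-minute inactivity limit to the new 6-hour absolute limit, so any reference outside the files touched here would silently move from 1800 to 21600 seconds. Only the session identity file is updated in this commit; it is worth searching for other uses (a cookie max-age setting would be a typical one, if the project has it) and confirming each one really wants the absolute limit rather than `MAX_INACTIVITY_DURATION`. The doc comment on the new constant could also state the unit and the reference point like its neighbours do, e.g. `/// Maximum session duration since login, in seconds (6 hours)`.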
@ -1,8 +1,8 @@
|
|||||||
use actix_identity::Identity;
|
use actix_identity::Identity;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
use crate::constants::{MAX_SESSION_DURATION, MIN_ACTIVITY_RECORD_TIME};
|
use crate::constants::{MAX_INACTIVITY_DURATION, MAX_SESSION_DURATION, MIN_ACTIVITY_RECORD_TIME};
|
||||||
use crate::data::user::User;
|
use crate::data::user::{User, UserID};
|
||||||
use crate::utils::time::time;
|
use crate::utils::time::time;
|
||||||
|
|
||||||
#[derive(Debug, Serialize, Deserialize, Eq, PartialEq)]
|
#[derive(Debug, Serialize, Deserialize, Eq, PartialEq)]
|
||||||
@ -22,8 +22,9 @@ impl Default for SessionStatus {
|
|||||||
|
|
||||||
#[derive(Debug, Serialize, Deserialize, Default)]
|
#[derive(Debug, Serialize, Deserialize, Default)]
|
||||||
struct SessionIdentityData {
|
struct SessionIdentityData {
|
||||||
pub id: String,
|
pub id: UserID,
|
||||||
pub is_admin: bool,
|
pub is_admin: bool,
|
||||||
|
login_time: u64,
|
||||||
last_access: u64,
|
last_access: u64,
|
||||||
pub status: SessionStatus,
|
pub status: SessionStatus,
|
||||||
|
|
||||||
@ -37,6 +38,7 @@ impl<'a> SessionIdentity<'a> {
|
|||||||
self.set_session_data(&SessionIdentityData {
|
self.set_session_data(&SessionIdentityData {
|
||||||
id: user.uid.clone(),
|
id: user.uid.clone(),
|
||||||
is_admin: user.admin,
|
is_admin: user.admin,
|
||||||
|
login_time: time(),
|
||||||
last_access: time(),
|
last_access: time(),
|
||||||
status: SessionStatus::SignedIn,
|
status: SessionStatus::SignedIn,
|
||||||
});
|
});
|
||||||
@ -56,7 +58,13 @@ impl<'a> SessionIdentity<'a> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if let Some(session) = res.as_mut() {
|
if let Some(session) = res.as_mut() {
|
||||||
if session.last_access + MAX_SESSION_DURATION < time() {
|
if session.login_time + MAX_SESSION_DURATION < time() {
|
||||||
|
log::info!("Session for {} reached max duration timeout", session.id);
|
||||||
|
self.0.forget();
|
||||||
|
return None;
|
||||||
|
}
|
||||||
|
|
||||||
|
if session.last_access + MAX_INACTIVITY_DURATION < time() {
|
||||||
log::info!("Session is expired for {}", session.id);
|
log::info!("Session is expired for {}", session.id);
|
||||||
self.0.forget();
|
self.0.forget();
|
||||||
return None;
|
return None;
|
||||||
@ -97,7 +105,7 @@ impl<'a> SessionIdentity<'a> {
|
|||||||
.unwrap_or(false)
|
.unwrap_or(false)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn user_id(&self) -> String {
|
pub fn user_id(&self) -> UserID {
|
||||||
self.get_session_data()
|
self.get_session_data()
|
||||||
.unwrap_or_default()
|
.unwrap_or_default()
|
||||||
.id
|
.id
|
||||||
|
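Review bot: Session data serialized before this commit has no `login_time`, and the field is added to `SessionIdentityData` without a serde default, so deserializing an already-issued session will hit a missing-field error; how `get_session_data` handles that failure is outside the visible hunks. Declaring it as `#[serde(default)] login_time: u64,` would make such sessions read as 0 and fall straight into the new max-duration branch, which signs them out cleanly instead of depending on the error path. The absolute limit also relies on `login_time` being written only in the struct literal of the `@ -37,6 +38,7 @@` hunk: if any other code path rebuilds the session data, it has to carry the stored value over rather than call `time()` again, otherwise the 6-hour cap restarts. The enclosing functions begin and end outside the hunks shown.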