mirror of
https://github.com/codeninjasllc/discourse.git
synced 2024-11-27 09:36:19 -05:00
FEATURE: configure session time via site setting for all the users (#4343)
This commit is contained in:
parent
b2289d733f
commit
a9207dafa7
8 changed files with 19 additions and 12 deletions
|
@ -708,6 +708,7 @@ end
|
|||
# Indexes
|
||||
#
|
||||
# idx_posts_created_at_topic_id (created_at,topic_id)
|
||||
# idx_posts_deleted_posts (topic_id,post_number)
|
||||
# idx_posts_user_id_deleted_at (user_id)
|
||||
# index_posts_on_reply_to_post_number (reply_to_post_number)
|
||||
# index_posts_on_topic_id_and_post_number (topic_id,post_number) UNIQUE
|
||||
|
|
|
@ -284,6 +284,7 @@ end
|
|||
# mobile_header_baked :text
|
||||
# footer_baked :text
|
||||
# mobile_footer_baked :text
|
||||
# compiler_version :integer default(0), not null
|
||||
#
|
||||
# Indexes
|
||||
#
|
||||
|
|
|
@ -34,6 +34,7 @@ end
|
|||
# updated_at :datetime
|
||||
# unsubscribe_key_type :string
|
||||
# topic_id :integer
|
||||
# post_id :integer
|
||||
#
|
||||
# Indexes
|
||||
#
|
||||
|
|
|
@ -1048,6 +1048,7 @@ end
|
|||
# trust_level_locked :boolean default(FALSE), not null
|
||||
# staged :boolean default(FALSE), not null
|
||||
# first_seen_at :datetime
|
||||
# auth_token_created_at :datetime
|
||||
#
|
||||
# Indexes
|
||||
#
|
||||
|
|
|
@ -909,7 +909,7 @@ en:
|
|||
post_undo_action_window_mins: "Number of minutes users are allowed to undo recent actions on a post (like, flag, etc)."
|
||||
must_approve_users: "Staff must approve all new user accounts before they are allowed to access the site. WARNING: enabling this for a live site will revoke access for existing non-staff users!"
|
||||
pending_users_reminder_delay: "Notify moderators if new users have been waiting for approval for longer than this many hours. Set to -1 to disable notifications."
|
||||
permanent_session_cookie: "Use a permanent cookie that persists after closing the browser. When disabling this, you may want to log out everyone programmatically."
|
||||
maximum_session_age: "User will remain logged in for n hours."
|
||||
ga_tracking_code: "OBSOLETE: Google analytics (ga.js) tracking code code, eg: UA-12345678-9; see http://google.com/analytics"
|
||||
ga_domain_name: "OBSOLETE: Google analytics (ga.js) domain name, eg: mysite.com; see http://google.com/analytics"
|
||||
ga_universal_tracking_code: "Google Universal Analytics (analytics.js) tracking code code, eg: UA-12345678-9; see http://google.com/analytics"
|
||||
|
|
|
@ -304,7 +304,10 @@ login:
|
|||
pending_users_reminder_delay:
|
||||
min: -1
|
||||
default: 8
|
||||
permanent_session_cookie: true
|
||||
maximum_session_age:
|
||||
default: 2160
|
||||
min: 1
|
||||
max: 175200
|
||||
|
||||
users:
|
||||
min_username_length:
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
class AddAuthTokenCreatedAtToUsers < ActiveRecord::Migration
|
||||
def change
|
||||
add_column :users, :auth_token_created_at, :datetime, null: true
|
||||
end
|
||||
end
|
|
@ -36,7 +36,7 @@ class Auth::DefaultCurrentUserProvider
|
|||
current_user = nil
|
||||
|
||||
if auth_token && auth_token.length == 32
|
||||
current_user = User.find_by(auth_token: auth_token)
|
||||
current_user = User.where(auth_token: auth_token).where('auth_token_created_at IS NULL OR auth_token_created_at > ?', SiteSetting.maximum_session_age.hours.ago).first
|
||||
end
|
||||
|
||||
if current_user && (current_user.suspended? || !current_user.active)
|
||||
|
@ -62,15 +62,10 @@ class Auth::DefaultCurrentUserProvider
|
|||
end
|
||||
|
||||
def log_on_user(user, session, cookies)
|
||||
unless user.auth_token && user.auth_token.length == 32
|
||||
user.auth_token = SecureRandom.hex(16)
|
||||
user.save!
|
||||
end
|
||||
if SiteSetting.permanent_session_cookie
|
||||
cookies.permanent[TOKEN_COOKIE] = { value: user.auth_token, httponly: true }
|
||||
else
|
||||
cookies[TOKEN_COOKIE] = { value: user.auth_token, httponly: true }
|
||||
end
|
||||
user.auth_token = SecureRandom.hex(16)
|
||||
user.auth_token_created_at = Time.zone.now
|
||||
user.save!
|
||||
cookies[TOKEN_COOKIE] = { value: user.auth_token, httponly: true, expires: SiteSetting.maximum_session_age.hours.from_now }
|
||||
make_developer_admin(user)
|
||||
enable_bootstrap_mode(user)
|
||||
@env[CURRENT_USER_KEY] = user
|
||||
|
|
Loading…
Reference in a new issue