codeninjasllc/discourse
1
0
Fork 0
mirror of https://github.com/codeninjasllc/discourse.git synced 2024-11-30 10:58:31 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

FEATURE: configure session time via site setting for all the users (#4343)

Browse source
This commit is contained in:
Arpit Jalan 2016-07-23 02:57:30 +05:30 committed by GitHub
parent b2289d733f
commit a9207dafa7
8 changed files with 19 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/models/post.rb
View file

@ -708,6 +708,7 @@ end
# Indexes # Indexes
# #
# idx_posts_created_at_topic_id (created_at,topic_id) # idx_posts_created_at_topic_id (created_at,topic_id)
# idx_posts_deleted_posts (topic_id,post_number)
# idx_posts_user_id_deleted_at (user_id) # idx_posts_user_id_deleted_at (user_id)
# index_posts_on_reply_to_post_number (reply_to_post_number) # index_posts_on_reply_to_post_number (reply_to_post_number)
# index_posts_on_topic_id_and_post_number (topic_id,post_number) UNIQUE # index_posts_on_topic_id_and_post_number (topic_id,post_number) UNIQUE

1
app/models/site_customization.rb
View file

@ -284,6 +284,7 @@ end
# mobile_header_baked :text # mobile_header_baked :text
# footer_baked :text # footer_baked :text
# mobile_footer_baked :text # mobile_footer_baked :text
# compiler_version :integer default(0), not null
# #
# Indexes # Indexes
# #

1
app/models/unsubscribe_key.rb
View file

@ -34,6 +34,7 @@ end
# updated_at :datetime # updated_at :datetime
# unsubscribe_key_type :string # unsubscribe_key_type :string
# topic_id :integer # topic_id :integer
# post_id :integer
# #
# Indexes # Indexes
# #

1
app/models/user.rb
View file

@ -1048,6 +1048,7 @@ end
# trust_level_locked :boolean default(FALSE), not null # trust_level_locked :boolean default(FALSE), not null
# staged :boolean default(FALSE), not null # staged :boolean default(FALSE), not null
# first_seen_at :datetime # first_seen_at :datetime
# auth_token_created_at :datetime
# #
# Indexes # Indexes
# #

2
config/locales/server.en.yml
View file

@ -909,7 +909,7 @@ en:
post_undo_action_window_mins: "Number of minutes users are allowed to undo recent actions on a post (like, flag, etc)." post_undo_action_window_mins: "Number of minutes users are allowed to undo recent actions on a post (like, flag, etc)."
must_approve_users: "Staff must approve all new user accounts before they are allowed to access the site. WARNING: enabling this for a live site will revoke access for existing non-staff users!" must_approve_users: "Staff must approve all new user accounts before they are allowed to access the site. WARNING: enabling this for a live site will revoke access for existing non-staff users!"
pending_users_reminder_delay: "Notify moderators if new users have been waiting for approval for longer than this many hours. Set to -1 to disable notifications." pending_users_reminder_delay: "Notify moderators if new users have been waiting for approval for longer than this many hours. Set to -1 to disable notifications."
permanent_session_cookie: "Use a permanent cookie that persists after closing the browser. When disabling this, you may want to log out everyone programmatically." maximum_session_age: "User will remain logged in for n hours."
ga_tracking_code: "OBSOLETE: Google analytics (ga.js) tracking code code, eg: UA-12345678-9; see http://google.com/analytics" ga_tracking_code: "OBSOLETE: Google analytics (ga.js) tracking code code, eg: UA-12345678-9; see http://google.com/analytics"
ga_domain_name: "OBSOLETE: Google analytics (ga.js) domain name, eg: mysite.com; see http://google.com/analytics" ga_domain_name: "OBSOLETE: Google analytics (ga.js) domain name, eg: mysite.com; see http://google.com/analytics"
ga_universal_tracking_code: "Google Universal Analytics (analytics.js) tracking code code, eg: UA-12345678-9; see http://google.com/analytics" ga_universal_tracking_code: "Google Universal Analytics (analytics.js) tracking code code, eg: UA-12345678-9; see http://google.com/analytics"

5
config/site_settings.yml
View file

@ -304,7 +304,10 @@ login:
pending_users_reminder_delay: pending_users_reminder_delay:
min: -1 min: -1
default: 8 default: 8
permanent_session_cookie: true maximum_session_age:
default: 2160
min: 1
max: 175200
users: users:
min_username_length: min_username_length:

5
db/migrate/20160722071221_add_auth_token_created_at_to_users.rb Normal file
View file

@ -0,0 +1,5 @@
class AddAuthTokenCreatedAtToUsers < ActiveRecord::Migration
def change
add_column :users, :auth_token_created_at, :datetime, null: true
end
end

11
lib/auth/default_current_user_provider.rb
View file

@ -36,7 +36,7 @@ class Auth::DefaultCurrentUserProvider
current_user = nil current_user = nil
if auth_token && auth_token.length == 32 if auth_token && auth_token.length == 32
current_user = User.find_by(auth_token: auth_token) current_user = User.where(auth_token: auth_token).where('auth_token_created_at IS NULL OR auth_token_created_at > ?', SiteSetting.maximum_session_age.hours.ago).first
end end
if current_user && (current_user.suspended? || !current_user.active) if current_user && (current_user.suspended? || !current_user.active)
@ -62,15 +62,10 @@ class Auth::DefaultCurrentUserProvider
end end
def log_on_user(user, session, cookies) def log_on_user(user, session, cookies)
unless user.auth_token && user.auth_token.length == 32
user.auth_token = SecureRandom.hex(16) user.auth_token = SecureRandom.hex(16)
user.auth_token_created_at = Time.zone.now
user.save! user.save!
end cookies[TOKEN_COOKIE] = { value: user.auth_token, httponly: true, expires: SiteSetting.maximum_session_age.hours.from_now }
if SiteSetting.permanent_session_cookie
cookies.permanent[TOKEN_COOKIE] = { value: user.auth_token, httponly: true }
else
cookies[TOKEN_COOKIE] = { value: user.auth_token, httponly: true }
end
make_developer_admin(user) make_developer_admin(user)
enable_bootstrap_mode(user) enable_bootstrap_mode(user)
@env[CURRENT_USER_KEY] = user @env[CURRENT_USER_KEY] = user