From 082fc338a281a6393689356338fcafe20c91431d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cornelius=20K=C3=B6lbel?= Date: Fri, 30 Jun 2017 11:36:11 +0200 Subject: [PATCH 1/3] add last_check_timeout for core appconfig Using last_check_timeout the administrator can change the 5 minutes period in which the password of the user is rechecked. Closes #28252 --- lib/private/User/Session.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 0c6d502cea00..c1c95bbe1c33 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -603,10 +603,13 @@ private function getPassword($password) { */ private function checkTokenCredentials(IToken $dbToken, $token) { // Check whether login credentials are still valid and the user was not disabled - // This check is performed each 5 minutes + // This check is performed each 5 minutes per default + // However, we try to read last_check_timeout from the appconfig table so the + // administrator could change this 5 minutes timeout $lastCheck = $dbToken->getLastCheck() ? : 0; $now = $this->timeFacory->getTime(); - if ($lastCheck > ($now - 60 * 5)) { + $last_check_timeout = intval($this->config->getAppValue('last_check_timeout', 5)); + if ($lastCheck > ($now - 60 * $last_check_timeout)) { // Checked performed recently, nothing to do now return true; } From 88fa5bc29b49809c236a0e66e872c2d39fe81467 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cornelius=20K=C3=B6lbel?= Date: Fri, 30 Jun 2017 11:39:01 +0200 Subject: [PATCH 2/3] Fix typo timeFacory -> timeFactory --- lib/private/User/Session.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index c1c95bbe1c33..b0ff8d9fc140 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -86,7 +86,7 @@ class Session implements IUserSession, Emitter { private $session; /** @var ITimeFactory */ - private $timeFacory; + private $timeFactory; /** @var IProvider */ private $tokenProvider; @@ -100,14 +100,14 @@ class Session implements IUserSession, Emitter { /** * @param IUserManager $manager * @param ISession $session - * @param ITimeFactory $timeFacory + * @param ITimeFactory $timeFactory * @param IProvider $tokenProvider * @param IConfig $config */ - public function __construct(IUserManager $manager, ISession $session, ITimeFactory $timeFacory, $tokenProvider, IConfig $config) { + public function __construct(IUserManager $manager, ISession $session, ITimeFactory $timeFactory, $tokenProvider, IConfig $config) { $this->manager = $manager; $this->session = $session; - $this->timeFacory = $timeFacory; + $this->timeFactory = $timeFactory; $this->tokenProvider = $tokenProvider; $this->config = $config; } @@ -345,7 +345,7 @@ protected function supportsCookies(IRequest $request) { if (!is_null($request->getCookie('cookie_test'))) { return true; } - setcookie('cookie_test', 'test', $this->timeFacory->getTime() + 3600); + setcookie('cookie_test', 'test', $this->timeFactory->getTime() + 3600); return false; } @@ -607,7 +607,7 @@ private function checkTokenCredentials(IToken $dbToken, $token) { // However, we try to read last_check_timeout from the appconfig table so the // administrator could change this 5 minutes timeout $lastCheck = $dbToken->getLastCheck() ? : 0; - $now = $this->timeFacory->getTime(); + $now = $this->timeFactory->getTime(); $last_check_timeout = intval($this->config->getAppValue('last_check_timeout', 5)); if ($lastCheck > ($now - 60 * $last_check_timeout)) { // Checked performed recently, nothing to do now From efba7da06a873accc6d8c95a398d52ebf1b6c109 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cornelius=20K=C3=B6lbel?= Date: Fri, 30 Jun 2017 16:01:06 +0200 Subject: [PATCH 3/3] Fix missing appname --- lib/private/User/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index b0ff8d9fc140..2bbc29d33e9c 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -608,7 +608,7 @@ private function checkTokenCredentials(IToken $dbToken, $token) { // administrator could change this 5 minutes timeout $lastCheck = $dbToken->getLastCheck() ? : 0; $now = $this->timeFactory->getTime(); - $last_check_timeout = intval($this->config->getAppValue('last_check_timeout', 5)); + $last_check_timeout = intval($this->config->getAppValue('core', 'last_check_timeout', 5)); if ($lastCheck > ($now - 60 * $last_check_timeout)) { // Checked performed recently, nothing to do now return true;