Fixed Session timeouts.
This commit is contained in:
Jonathan Bernard
parent
e8bebb49fb
commit
839646b154
@ -4,16 +4,13 @@
|
|||||||
-include("ts_db_records.hrl").
|
-include("ts_db_records.hrl").
|
||||||
-include("yaws_api.hrl").
|
-include("yaws_api.hrl").
|
||||||
|
|
||||||
|
% 6 hours: sec min hr
|
||||||
|
-define(TTL, 60*60* 6).
|
||||||
|
|
||||||
new(Username) ->
|
new(Username) ->
|
||||||
DateTime = calendar:now_to_universal_time(erlang:now()),
|
Session = #ts_api_session{ username = Username },
|
||||||
Seconds = calendar:datetime_to_gregorian_seconds(DateTime),
|
|
||||||
|
|
||||||
Session = #ts_api_session{
|
CookieVal = yaws_api:new_cookie_session(Session, ?TTL),
|
||||||
username = Username,
|
|
||||||
expires = Seconds + 60*60*6
|
|
||||||
},
|
|
||||||
|
|
||||||
CookieVal = yaws_api:new_cookie_session(Session),
|
|
||||||
{CookieVal, Session}.
|
{CookieVal, Session}.
|
||||||
|
|
||||||
logout(CookieVal) ->
|
logout(CookieVal) ->
|
||||||
@ -23,36 +20,18 @@ get_session(YArg) ->
|
|||||||
% get the cookie header
|
% get the cookie header
|
||||||
Cookie = (YArg#arg.headers)#headers.cookie,
|
Cookie = (YArg#arg.headers)#headers.cookie,
|
||||||
|
|
||||||
% get the current server time
|
|
||||||
Now = calendar:now_to_universal_time(erlang:now()),
|
|
||||||
NowSeconds = calendar:datetime_to_gregorian_seconds(Now),
|
|
||||||
|
|
||||||
% look up the cookie in the session server
|
% look up the cookie in the session server
|
||||||
case yaws_api:find_cookie_val("ts_api_session", Cookie) of
|
case yaws_api:find_cookie_val("ts_api_session", Cookie) of
|
||||||
|
|
||||||
% no cookie, not logged in
|
% no cookie, not logged in
|
||||||
[] -> not_logged_in;
|
[] -> not_logged_in;
|
||||||
|
|
||||||
% found the cookie
|
% found the cookie
|
||||||
CookieVal ->
|
CookieVal ->
|
||||||
|
|
||||||
% get the session data
|
% get the session data
|
||||||
case yaws_api:cookieval_to_opaque(CookieVal) of
|
case yaws_api:cookieval_to_opaque(CookieVal) of
|
||||||
{error, _} -> not_logged_in;
|
{error, _Err} -> session_expired;
|
||||||
|
{ok, Session} -> Session
|
||||||
{ok, Session} ->
|
|
||||||
if
|
|
||||||
% if the cookie has expired
|
|
||||||
NowSeconds > Session#ts_api_session.expires ->
|
|
||||||
logout(CookieVal),
|
|
||||||
session_expired;
|
|
||||||
|
|
||||||
% cookie is fresh
|
|
||||||
true ->
|
|
||||||
% update the expiry time 6 hours: sec min hr
|
|
||||||
NewSession = Session#ts_api_session{expires = NowSeconds + 60*60* 6},
|
|
||||||
yaws_api:replace_cookie_session(CookieVal, NewSession),
|
|
||||||
|
|
||||||
% return cookie
|
|
||||||
NewSession
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
end.
|
end.
|
||||||
|
|||||||
@ -36,8 +36,7 @@
|
|||||||
}).
|
}).
|
||||||
|
|
||||||
-record(ts_api_session, {
|
-record(ts_api_session, {
|
||||||
username,
|
username
|
||||||
expires
|
|
||||||
}).
|
}).
|
||||||
|
|
||||||
% extensible data for arbitrary entities
|
% extensible data for arbitrary entities
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user