From 4a930121c4099530d7afdf3edcd00808e766e067 Mon Sep 17 00:00:00 2001
From: Kininaru
Date: Sun, 18 Jul 2021 07:54:49 +0800
Subject: [PATCH] feat: session without autosignin will expire
Signed-off-by: Kininaru
---
 controllers/account.go | 3 +++
 controllers/auth.go | 11 ++++++++++
 controllers/base.go | 45 ++++++++++++++++++++++++++++++++++++++-
 util/json.go | 4 ++++
 web/src/auth/LoginPage.js | 2 +-
 5 files changed, 63 insertions(+), 2 deletions(-)
diff --git a/controllers/account.go b/controllers/account.go
index c4e819a8..6d4c97cf 100644
--- a/controllers/account.go
+++ b/controllers/account.go
@@ -52,6 +52,8 @@ type RequestForm struct {
 EmailCode string `json:"emailCode"`
 PhoneCode string `json:"phoneCode"`
 PhonePrefix string `json:"phonePrefix"`
+
+ AutoSignin bool `json:"autoSignin"`
 }
 type Response struct {
@@ -185,6 +187,7 @@ func (c *ApiController) Logout() {
 util.LogInfo(c.Ctx, "API: [%s] logged out", user)
 c.SetSessionUsername("")
+ c.SetSessionData(nil)
 resp = Response{Status: "ok", Msg: "", Data: user}
diff --git a/controllers/auth.go b/controllers/auth.go
index 9d34a56b..ac2fe9a8 100644
--- a/controllers/auth.go
+++ b/controllers/auth.go
@@ -19,6 +19,7 @@ import (
 "fmt"
 "strconv"
 "strings"
+ "time"
 "github.com/astaxie/beego"
 "github.com/casdoor/casdoor/idp"
@@ -58,6 +59,16 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 } else {
 resp = &Response{Status: "error", Msg: fmt.Sprintf("Unknown response type: %s", form.Type)}
 }
+
+ // if user did not check auto signin
+ if resp.Status == "ok" && !form.AutoSignin {
+ timestamp := time.Now().Unix()
+ timestamp += 3600 * 24
+ c.SetSessionData(&SessionData{
+ ExpireTime: timestamp,
+ })
+ }
+
 return resp
 }
diff --git a/controllers/base.go b/controllers/base.go
index 6bd2d03e..4824a20b 100644
--- a/controllers/base.go
+++ b/controllers/base.go
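Review bot: In `HandleLoggedIn` (controllers/auth.go, second hunk) the new block writes an expiry only when `form.AutoSignin` is false and never clears one. Unless the session is reset elsewhere at login, a sign-in with auto signin on a session that still carries a `SessionData` record from an earlier login keeps the old `ExpireTime` and is logged out by it. Adding `} else if resp.Status == "ok" { c.SetSessionData(nil) }` makes the two paths symmetric. The lifetime `3600 * 24` would read better as `time.Now().Add(24 * time.Hour).Unix()`, and since an auto-signin session gets no limit from this code, its lifetime depends on the session provider's settings, which are not visible here. The function begins before this hunk.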
@@ -14,13 +14,32 @@
 package controllers
-import "github.com/astaxie/beego"
+import (
+ "time"
+
+ "github.com/astaxie/beego"
+ "github.com/casdoor/casdoor/util"
+)
 type ApiController struct {
 beego.Controller
 }
+type SessionData struct {
+ ExpireTime int64
+}
+
 func (c *ApiController) GetSessionUsername() string {
+ // check if user session expired
+ sessionData := c.GetSessionData()
+ if sessionData != nil &&
+ sessionData.ExpireTime != 0 &&
+ sessionData.ExpireTime < time.Now().Unix() {
+ c.SetSessionUsername("")
+ c.SetSessionData(nil)
+ return ""
+ }
+
 user := c.GetSession("username")
 if user == nil {
 return ""
@@ -33,6 +52,30 @@ func (c *ApiController) SetSessionUsername(user string) {
 c.SetSession("username", user)
 }
+func (c *ApiController) GetSessionData() *SessionData {
+ session := c.GetSession("SessionData")
+ if session == nil {
+ return nil
+ }
+
+ sessionData := &SessionData{}
+ err := util.JsonToStruct(session.(string), sessionData)
+ if err != nil {
+ panic(err)
+ }
+
+ return sessionData
+}
+
+func (c *ApiController) SetSessionData(s *SessionData) {
+ if s == nil {
+ c.DelSession("SessionData")
+ return
+ }
+
+ c.SetSession("SessionData", util.StructToJson(s))
+}
+
 func wrapActionResponse(affected bool) *Response {
 if affected {
 return &Response{Status: "ok", Msg: "", Data: "Affected"}
diff --git a/util/json.go b/util/json.go
index 8e71e42e..e81e983a 100644
--- a/util/json.go
+++ b/util/json.go
@@ -25,3 +25,7 @@ func StructToJson(v interface{}) string {
 return string(data)
 }
+
+func JsonToStruct(data string, v interface{}) error {
+ return json.Unmarshal([]byte(data), v)
+}
diff --git a/web/src/auth/LoginPage.js b/web/src/auth/LoginPage.js
index fc4fedb3..a2ee98ce 100644
--- a/web/src/auth/LoginPage.js
+++ b/web/src/auth/LoginPage.js
@@ -278,7 +278,7 @@ class LoginPage extends React.Component {
 />
-
+
 {i18next.t("login:Auto login")}
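Review bot: The expiry added to `GetSessionUsername` (controllers/base.go, first hunk) is enforced only when this getter runs, so a handler that reads the `username` session key directly, or authenticates by another route, would not observe it. The callers are outside this diff, so this is something to check rather than a confirmed gap. `SessionData` and its zero sentinel are undocumented; a field comment such as `// ExpireTime is the Unix time in seconds after which the session counts as logged out; 0 means no expiry.` would explain the `!= 0` test. The getter now also modifies the session on read, which deserves a line in its doc comment. The rest of `GetSessionUsername` lies outside the hunk.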
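Review bot: `GetSessionData` (controllers/base.go, second hunk) turns a bad session value into a panic: `session.(string)` is an unchecked type assertion and a `JsonToStruct` error goes straight to `panic(err)`. Because `GetSessionUsername` calls it first, every request on such a session would fail. A session whose expiry record cannot be decoded is better treated as logged out, since simply returning nil would tell the caller "no expiry". The version below ends the session in that case.

```go
func (c *ApiController) GetSessionData() *SessionData {
	// … unchanged: read "SessionData" and return nil when it is absent …

	raw, ok := session.(string)
	sessionData := &SessionData{}
	if !ok || util.JsonToStruct(raw, sessionData) != nil {
		// Undecodable expiry record: fail closed and end the session
		// rather than returning nil, which callers read as "no expiry".
		c.SetSessionUsername("")
		c.SetSessionData(nil)
		return nil
	}

	return sessionData
}
```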