From 609ef3f3b4d4cb355d80b19df1e91db258b0bbe0 Mon Sep 17 00:00:00 2001 From: sanine-a Date: Wed, 10 May 2023 15:17:18 -0500 Subject: log out after 1 hour of inactivity --- conf/create.go | 6 ++++-- conf/list.go | 5 +++-- db/session.go | 9 +++++++-- phlox/main.go | 17 +++++++++++++++-- 4 files changed, 29 insertions(+), 8 deletions(-) diff --git a/conf/create.go b/conf/create.go index ec732d2..201149a 100644 --- a/conf/create.go +++ b/conf/create.go @@ -16,6 +16,7 @@ func hiddenPrompt(prompt string) (string, error) { if err != nil { return "", err } + fmt.Println() return strings.TrimSpace(string(bytes)), nil } @@ -30,8 +31,9 @@ var createUser = &Command{ } username := args[0] var password string + var err error if len(args) == 1 { - password, err := hiddenPrompt("Enter password: ") + password, err = hiddenPrompt("Enter password: ") if err != nil { log.Fatal(err) } confirm, err := hiddenPrompt("Confirm password: ") if err != nil { log.Fatal(err) } @@ -43,7 +45,7 @@ var createUser = &Command{ password = args[1] } - _, err := p.CreateUser(username, password) + _, err = p.CreateUser(username, password) if err != nil { log.Fatal(err) } fmt.Printf("created user %v\n", username) }, diff --git a/conf/list.go b/conf/list.go index bf3fd80..4fa3829 100644 --- a/conf/list.go +++ b/conf/list.go @@ -29,13 +29,14 @@ var listSessions = Command{ if err != nil { log.Fatal(err) } - fmt.Printf("id\tuser\tcreated\tmodified\n========================================\n") + // padding on created and modified to match RFC3339 format + fmt.Printf("user\t\tcreated \tmodified \tid\n================================================================================\n") for _, session := range sessions { user, err := p.GetById(session.UserId) if err != nil { log.Fatal(err) } - fmt.Printf("%v\t%v\n", session.Id, user.Name, session.Created.Format(time.RFC3339), session.Modified.Format(time.RFC3339)) + fmt.Printf("%v\t\t%v\t%v\t%v\n", user.Name, session.Created.Format(time.RFC3339), session.Modified.Format(time.RFC3339), session.Id) } }, } diff --git a/db/session.go b/db/session.go index da081f9..7ebb6df 100644 --- a/db/session.go +++ b/db/session.go @@ -22,8 +22,8 @@ func (p *Phlox) CreateSession(user User) (Session, error) { nowStr := now.Format(time.RFC3339) _, err = p.db.Exec( - "insert into sessions (sessionid, userid, created, modified) values (?, ?, ?, ?);", - sessionid, + "insert into sessions (sessionid, userid, created, modified) values (?, ?, ?, ?);", + sessionid, userid, nowStr, nowStr, ) @@ -107,6 +107,11 @@ func (p *Phlox) TouchSession(session Session) error { } +func (p *Phlox) TouchSessionId(id string) error { + return p.TouchSession(Session{ Id: id }) +} + + func (p *Phlox) CleanSessions(maxIdle time.Duration) error { expire := time.Now().UTC().Add(-maxIdle).Format(time.RFC3339) _, err := p.db.Exec("delete from sessions where modified < ?;", expire) diff --git a/phlox/main.go b/phlox/main.go index f2946c8..da52654 100644 --- a/phlox/main.go +++ b/phlox/main.go @@ -3,6 +3,7 @@ package main import ( "fmt" "io" + "time" "strings" "errors" "flag" @@ -45,6 +46,15 @@ func main() { InitLogin() + c := time.Tick(5 * time.Minute) + go (func() { + p := &P + for ;; { + _ = <-c // wait for 5 minutes + p.CleanSessions(time.Hour) + } + })() + log.Infof("serving on %v", addr) log.Fatal(http.ListenAndServe(addr, nil)) } @@ -93,10 +103,13 @@ func proxy(w http.ResponseWriter, req *http.Request, end Endpoint) { return } if !check { - w.WriteHeader(http.StatusUnauthorized) - fmt.Fprintf(w, "unauthorized") + // not logged in + w.Header().Set("Location", "/login") + w.WriteHeader(http.StatusTemporaryRedirect) return } + // update modified time + p.TouchSessionId(cookie.Value) response := proxyRequest(w, req, end) if response != nil { -- cgit v1.2.1