From a49ae9c6a8abee0bfb7325b4a95f8154fea4d4a1 Mon Sep 17 00:00:00 2001 From: thewh1teagle <61390950+thewh1teagle@users.noreply.github.com> Date: Tue, 1 Feb 2022 17:01:36 +0200 Subject: [PATCH] added session timeout to config --- cmd/config.go | 3 ++- cmd/config_init.go | 3 +++ cmd/config_set.go | 3 +++ frontend/package-lock.json | 2 ++ http/auth.go | 6 +----- settings/Session.go | 6 ++++++ settings/settings.go | 25 +++++++++++++------------ 7 files changed, 30 insertions(+), 18 deletions(-) create mode 100644 settings/Session.go diff --git a/cmd/config.go b/cmd/config.go index 47a62397..49a62316 100644 --- a/cmd/config.go +++ b/cmd/config.go @@ -39,7 +39,7 @@ func addConfigFlags(flags *pflag.FlagSet) { flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China") flags.String("recaptcha.key", "", "ReCaptcha site key") flags.String("recaptcha.secret", "", "ReCaptcha secret") - + flags.Uint("session.timeout", 2, "Set session timeout in hours (default is 2 hours)") flags.String("branding.name", "", "replace 'File Browser' by this name") flags.String("branding.color", "", "set the theme color") flags.String("branding.files", "", "path to directory with images and custom styles") @@ -135,6 +135,7 @@ func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Aut fmt.Fprintf(w, "\tColor:\t%s\n", set.Branding.Color) fmt.Fprintln(w, "\nServer:") fmt.Fprintf(w, "\tLog:\t%s\n", ser.Log) + fmt.Fprintf(w, "\tSession timeout:\t%d\n", ser.Session.Timeout) fmt.Fprintf(w, "\tPort:\t%s\n", ser.Port) fmt.Fprintf(w, "\tBase URL:\t%s\n", ser.BaseURL) fmt.Fprintf(w, "\tRoot:\t%s\n", ser.Root) diff --git a/cmd/config_init.go b/cmd/config_init.go index 12b11688..9399821a 100644 --- a/cmd/config_init.go +++ b/cmd/config_init.go @@ -50,6 +50,9 @@ override the options.`, TLSCert: mustGetString(flags, "cert"), Port: mustGetString(flags, "port"), Log: mustGetString(flags, "log"), + Session: settings.Session{ + Timeout: mustGetUint(flags, "session.timeout"), + }, } err := d.store.Settings.Save(s) diff --git a/cmd/config_set.go b/cmd/config_set.go index 058f0d6b..f2fa0eea 100644 --- a/cmd/config_set.go +++ b/cmd/config_set.go @@ -25,6 +25,7 @@ you want to change. Other options will remain unchanged.`, checkErr(err) hasAuth := false + println(flags) flags.Visit(func(flag *pflag.Flag) { switch flag.Name { case "baseurl": @@ -47,6 +48,8 @@ you want to change. Other options will remain unchanged.`, set.Signup = mustGetBool(flags, flag.Name) case "auth.method": hasAuth = true + case "session.timeout": + ser.Session.Timeout = mustGetUint(flags, flag.Name) case "shell": set.Shell = convertCmdStrToCmdArray(mustGetString(flags, flag.Name)) case "branding.name": diff --git a/frontend/package-lock.json b/frontend/package-lock.json index ad4009d1..c6017c4a 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -16835,6 +16835,7 @@ "integrity": "sha512-8q67ORQ9O0Ms0nlqsXTVhaBefRBaLrzPxOewAZhdcO7onHwcO5/wRdWtHhZgfpCZlhY7NogkU16z3WnorSSkEA==", "dev": true, "requires": { + "@babel/core": "^7.11.0", "@babel/helper-compilation-targets": "^7.9.6", "@babel/helper-module-imports": "^7.8.3", "@babel/plugin-proposal-class-properties": "^7.8.3", @@ -16847,6 +16848,7 @@ "@vue/babel-plugin-jsx": "^1.0.3", "@vue/babel-preset-jsx": "^1.2.4", "babel-plugin-dynamic-import-node": "^2.3.3", + "core-js": "^3.6.5", "core-js-compat": "^3.6.5", "semver": "^6.1.0" } diff --git a/http/auth.go b/http/auth.go index 53fb73c3..e8616181 100644 --- a/http/auth.go +++ b/http/auth.go @@ -15,10 +15,6 @@ import ( "github.com/filebrowser/filebrowser/v2/users" ) -const ( - TokenExpirationTime = time.Hour * 2 -) - type userInfo struct { ID uint `json:"id"` Locale string `json:"locale"` @@ -189,7 +185,7 @@ func printToken(w http.ResponseWriter, _ *http.Request, d *data, user *users.Use }, StandardClaims: jwt.StandardClaims{ IssuedAt: time.Now().Unix(), - ExpiresAt: time.Now().Add(TokenExpirationTime).Unix(), + ExpiresAt: time.Now().Add(time.Duration(d.server.Session.Timeout * uint(time.Hour))).Unix(), Issuer: "File Browser", }, } diff --git a/settings/Session.go b/settings/Session.go new file mode 100644 index 00000000..fd3e98f9 --- /dev/null +++ b/settings/Session.go @@ -0,0 +1,6 @@ +package settings + +// Branding contains the branding settings of the app. +type Session struct { + Timeout uint `json:"timeout"` +} diff --git a/settings/settings.go b/settings/settings.go index 9cd45af6..46dd52b0 100644 --- a/settings/settings.go +++ b/settings/settings.go @@ -30,18 +30,19 @@ func (s *Settings) GetRules() []rules.Rule { // Server specific settings. type Server struct { - Root string `json:"root"` - BaseURL string `json:"baseURL"` - Socket string `json:"socket"` - TLSKey string `json:"tlsKey"` - TLSCert string `json:"tlsCert"` - Port string `json:"port"` - Address string `json:"address"` - Log string `json:"log"` - EnableThumbnails bool `json:"enableThumbnails"` - ResizePreview bool `json:"resizePreview"` - EnableExec bool `json:"enableExec"` - TypeDetectionByHeader bool `json:"typeDetectionByHeader"` + Root string `json:"root"` + BaseURL string `json:"baseURL"` + Socket string `json:"socket"` + TLSKey string `json:"tlsKey"` + TLSCert string `json:"tlsCert"` + Port string `json:"port"` + Address string `json:"address"` + Session Session `json:"Session"` + Log string `json:"log"` + EnableThumbnails bool `json:"enableThumbnails"` + ResizePreview bool `json:"resizePreview"` + EnableExec bool `json:"enableExec"` + TypeDetectionByHeader bool `json:"typeDetectionByHeader"` } // Clean cleans any variables that might need cleaning.