added session timeout to config

cmd/config.go

@@ -39,7 +39,7 @@ func addConfigFlags(flags *pflag.FlagSet) {
 	flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China")
 	flags.String("recaptcha.key", "", "ReCaptcha site key")
 	flags.String("recaptcha.secret", "", "ReCaptcha secret")
-
+	flags.Uint("session.timeout", 2, "Set session timeout in hours (default is 2 hours)")
 	flags.String("branding.name", "", "replace 'File Browser' by this name")
 	flags.String("branding.color", "", "set the theme color")
 	flags.String("branding.files", "", "path to directory with images and custom styles")
@@ -135,6 +135,7 @@ func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Aut
 	fmt.Fprintf(w, "\tColor:\t%s\n", set.Branding.Color)
 	fmt.Fprintln(w, "\nServer:")
 	fmt.Fprintf(w, "\tLog:\t%s\n", ser.Log)
+	fmt.Fprintf(w, "\tSession timeout:\t%d\n", ser.Session.Timeout)
 	fmt.Fprintf(w, "\tPort:\t%s\n", ser.Port)
 	fmt.Fprintf(w, "\tBase URL:\t%s\n", ser.BaseURL)
 	fmt.Fprintf(w, "\tRoot:\t%s\n", ser.Root)

cmd/config_init.go

@@ -50,6 +50,9 @@ override the options.`,
 			TLSCert: mustGetString(flags, "cert"),
 			Port:    mustGetString(flags, "port"),
 			Log:     mustGetString(flags, "log"),
+			Session: settings.Session{
+				Timeout: mustGetUint(flags, "session.timeout"),
+			},
 		}
 
 		err := d.store.Settings.Save(s)

cmd/config_set.go

@@ -25,6 +25,7 @@ you want to change. Other options will remain unchanged.`,
 		checkErr(err)
 
 		hasAuth := false
+		println(flags)
 		flags.Visit(func(flag *pflag.Flag) {
 			switch flag.Name {
 			case "baseurl":
@@ -47,6 +48,8 @@ you want to change. Other options will remain unchanged.`,
 				set.Signup = mustGetBool(flags, flag.Name)
 			case "auth.method":
 				hasAuth = true
+			case "session.timeout":
+				ser.Session.Timeout = mustGetUint(flags, flag.Name)
 			case "shell":
 				set.Shell = convertCmdStrToCmdArray(mustGetString(flags, flag.Name))
 			case "branding.name":

frontend/package-lock.json

@@ -16835,6 +16835,7 @@
       "integrity": "sha512-8q67ORQ9O0Ms0nlqsXTVhaBefRBaLrzPxOewAZhdcO7onHwcO5/wRdWtHhZgfpCZlhY7NogkU16z3WnorSSkEA==",
       "dev": true,
       "requires": {
+        "@babel/core": "^7.11.0",
         "@babel/helper-compilation-targets": "^7.9.6",
         "@babel/helper-module-imports": "^7.8.3",
         "@babel/plugin-proposal-class-properties": "^7.8.3",
@@ -16847,6 +16848,7 @@
         "@vue/babel-plugin-jsx": "^1.0.3",
         "@vue/babel-preset-jsx": "^1.2.4",
         "babel-plugin-dynamic-import-node": "^2.3.3",
+        "core-js": "^3.6.5",
         "core-js-compat": "^3.6.5",
         "semver": "^6.1.0"
       }

http/auth.go

@@ -15,10 +15,6 @@ import (
 	"github.com/filebrowser/filebrowser/v2/users"
 )
 
-const (
-	TokenExpirationTime = time.Hour * 2
-)
-
 type userInfo struct {
 	ID           uint              `json:"id"`
 	Locale       string            `json:"locale"`
@@ -189,7 +185,7 @@ func printToken(w http.ResponseWriter, _ *http.Request, d *data, user *users.Use
 		},
 		StandardClaims: jwt.StandardClaims{
 			IssuedAt:  time.Now().Unix(),
-			ExpiresAt: time.Now().Add(TokenExpirationTime).Unix(),
+			ExpiresAt: time.Now().Add(time.Duration(d.server.Session.Timeout * uint(time.Hour))).Unix(),
 			Issuer:    "File Browser",
 		},
 	}

settings/Session.go

@@ -0,0 +1,6 @@
+package settings
+
+// Branding contains the branding settings of the app.
+type Session struct {
+	Timeout uint `json:"timeout"`
+}

settings/settings.go

@@ -37,6 +37,7 @@ type Server struct {
 	TLSCert               string  `json:"tlsCert"`
 	Port                  string  `json:"port"`
 	Address               string  `json:"address"`
+	Session               Session `json:"Session"`
 	Log                   string  `json:"log"`
 	EnableThumbnails      bool    `json:"enableThumbnails"`
 	ResizePreview         bool    `json:"resizePreview"`