added session timeout to config

2022-02-01 17:01:36 +02:00 · 2022-02-01 17:01:36 +02:00 · a49ae9c6a8
commit a49ae9c6a8
parent 205f11d677
7 changed files with 30 additions and 18 deletions
--- a/cmd/config.go
+++ b/cmd/config.go
@ -39,7 +39,7 @@ func addConfigFlags(flags *pflag.FlagSet) {
 	flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China")
 	flags.String("recaptcha.key", "", "ReCaptcha site key")
 	flags.String("recaptcha.secret", "", "ReCaptcha secret")
-
+	flags.Uint("session.timeout", 2, "Set session timeout in hours (default is 2 hours)")
 	flags.String("branding.name", "", "replace 'File Browser' by this name")
 	flags.String("branding.color", "", "set the theme color")
 	flags.String("branding.files", "", "path to directory with images and custom styles")
@ -135,6 +135,7 @@ func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Aut
 	fmt.Fprintf(w, "\tColor:\t%s\n", set.Branding.Color)
 	fmt.Fprintln(w, "\nServer:")
 	fmt.Fprintf(w, "\tLog:\t%s\n", ser.Log)
+	fmt.Fprintf(w, "\tSession timeout:\t%d\n", ser.Session.Timeout)
 	fmt.Fprintf(w, "\tPort:\t%s\n", ser.Port)
 	fmt.Fprintf(w, "\tBase URL:\t%s\n", ser.BaseURL)
 	fmt.Fprintf(w, "\tRoot:\t%s\n", ser.Root)
--- a/cmd/config_init.go
+++ b/cmd/config_init.go
@ -50,6 +50,9 @@ override the options.`,
 			TLSCert: mustGetString(flags, "cert"),
 			Port:    mustGetString(flags, "port"),
 			Log:     mustGetString(flags, "log"),
+			Session: settings.Session{
+				Timeout: mustGetUint(flags, "session.timeout"),
+			},
 		}

 		err := d.store.Settings.Save(s)
--- a/cmd/config_set.go
+++ b/cmd/config_set.go
@ -25,6 +25,7 @@ you want to change. Other options will remain unchanged.`,
 		checkErr(err)

 		hasAuth := false
+		println(flags)
 		flags.Visit(func(flag *pflag.Flag) {
 			switch flag.Name {
 			case "baseurl":
@ -47,6 +48,8 @@ you want to change. Other options will remain unchanged.`,
 				set.Signup = mustGetBool(flags, flag.Name)
 			case "auth.method":
 				hasAuth = true
+			case "session.timeout":
+				ser.Session.Timeout = mustGetUint(flags, flag.Name)
 			case "shell":
 				set.Shell = convertCmdStrToCmdArray(mustGetString(flags, flag.Name))
 			case "branding.name":
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@ -16835,6 +16835,7 @@
      "integrity": "sha512-8q67ORQ9O0Ms0nlqsXTVhaBefRBaLrzPxOewAZhdcO7onHwcO5/wRdWtHhZgfpCZlhY7NogkU16z3WnorSSkEA==",
      "dev": true,
      "requires": {
+        "@babel/core": "^7.11.0",
        "@babel/helper-compilation-targets": "^7.9.6",
        "@babel/helper-module-imports": "^7.8.3",
        "@babel/plugin-proposal-class-properties": "^7.8.3",
@ -16847,6 +16848,7 @@
        "@vue/babel-plugin-jsx": "^1.0.3",
        "@vue/babel-preset-jsx": "^1.2.4",
        "babel-plugin-dynamic-import-node": "^2.3.3",
+        "core-js": "^3.6.5",
        "core-js-compat": "^3.6.5",
        "semver": "^6.1.0"
      }
--- a/http/auth.go
+++ b/http/auth.go
@ -15,10 +15,6 @@ import (
 	"github.com/filebrowser/filebrowser/v2/users"
 )

-const (
-	TokenExpirationTime = time.Hour * 2
-)
-
 type userInfo struct {
 	ID           uint              `json:"id"`
 	Locale       string            `json:"locale"`
@ -189,7 +185,7 @@ func printToken(w http.ResponseWriter, _ *http.Request, d *data, user *users.Use
 		},
 		StandardClaims: jwt.StandardClaims{
 			IssuedAt:  time.Now().Unix(),
-			ExpiresAt: time.Now().Add(TokenExpirationTime).Unix(),
+			ExpiresAt: time.Now().Add(time.Duration(d.server.Session.Timeout * uint(time.Hour))).Unix(),
 			Issuer:    "File Browser",
 		},
 	}
--- a/settings/Session.go
+++ b/settings/Session.go
@ -0,0 +1,6 @@
+package settings
+
+// Branding contains the branding settings of the app.
+type Session struct {
+	Timeout uint `json:"timeout"`
+}
--- a/settings/settings.go
+++ b/settings/settings.go
@ -30,18 +30,19 @@ func (s *Settings) GetRules() []rules.Rule {

 // Server specific settings.
 type Server struct {
-	Root                  string `json:"root"`
-	BaseURL               string `json:"baseURL"`
-	Socket                string `json:"socket"`
-	TLSKey                string `json:"tlsKey"`
-	TLSCert               string `json:"tlsCert"`
-	Port                  string `json:"port"`
-	Address               string `json:"address"`
-	Log                   string `json:"log"`
-	EnableThumbnails      bool   `json:"enableThumbnails"`
-	ResizePreview         bool   `json:"resizePreview"`
-	EnableExec            bool   `json:"enableExec"`
-	TypeDetectionByHeader bool   `json:"typeDetectionByHeader"`
+	Root                  string  `json:"root"`
+	BaseURL               string  `json:"baseURL"`
+	Socket                string  `json:"socket"`
+	TLSKey                string  `json:"tlsKey"`
+	TLSCert               string  `json:"tlsCert"`
+	Port                  string  `json:"port"`
+	Address               string  `json:"address"`
+	Session               Session `json:"Session"`
+	Log                   string  `json:"log"`
+	EnableThumbnails      bool    `json:"enableThumbnails"`
+	ResizePreview         bool    `json:"resizePreview"`
+	EnableExec            bool    `json:"enableExec"`
+	TypeDetectionByHeader bool    `json:"typeDetectionByHeader"`
 }

 // Clean cleans any variables that might need cleaning.