octo/microblog.pub
1
0
Fork 0
mirror of https://git.sr.ht/~tsileo/microblog.pub synced 2025-06-05 21:59:23 +02:00
Code Issues Projects Releases Wiki Activity

Fix admin session timeout

Browse Source
This commit is contained in:
Thomas Sileo
2022-11-21 20:43:51 +01:00
parent a435cd33c9
commit 8475f5bccd
3 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/admin.py
View File

@@ -30,6 +30,7 @@ from app.boxes import send_block
from app.boxes import send_follow from app.boxes import send_follow
from app.boxes import send_unblock from app.boxes import send_unblock
from app.config import EMOJIS from app.config import EMOJIS
from app.config import SESSION_TIMEOUT
from app.config import generate_csrf_token from app.config import generate_csrf_token
from app.config import session_serializer from app.config import session_serializer
from app.config import verify_csrf_token from app.config import verify_csrf_token
@@ -66,7 +67,7 @@ async def user_session_or_redirect(
raise _RedirectToLoginPage raise _RedirectToLoginPage
try: try:
loaded_session = session_serializer.loads(session, max_age=3600 * 24 * 3) loaded_session = session_serializer.loads(session, max_age=SESSION_TIMEOUT)
except Exception: except Exception:
logger.exception("Failed to validate admin session") logger.exception("Failed to validate admin session")
raise _RedirectToLoginPage raise _RedirectToLoginPage

3
app/config.py
View File

@@ -116,6 +116,8 @@ class Config(pydantic.BaseModel):
sqlalchemy_database: str | None = None sqlalchemy_database: str | None = None
key_path: str | None = None key_path: str | None = None
session_timeout: int = 3600 * 24 * 3 # in seconds, 3 days by default
# Only set when the app is served on a non-root path # Only set when the app is served on a non-root path
id: str | None = None id: str | None = None
@@ -171,6 +173,7 @@ ALSO_KNOWN_AS = CONFIG.also_known_as
CUSTOM_CONTENT_SECURITY_POLICY = CONFIG.custom_content_security_policy CUSTOM_CONTENT_SECURITY_POLICY = CONFIG.custom_content_security_policy
INBOX_RETENTION_DAYS = CONFIG.inbox_retention_days INBOX_RETENTION_DAYS = CONFIG.inbox_retention_days
SESSION_TIMEOUT = CONFIG.session_timeout
CUSTOM_FOOTER = ( CUSTOM_FOOTER = (
markdown(CONFIG.custom_footer.replace("{version}", VERSION)) markdown(CONFIG.custom_footer.replace("{version}", VERSION))
if CONFIG.custom_footer if CONFIG.custom_footer

5
app/templates.py
View File

@@ -27,6 +27,7 @@ from app.ap_object import Object
from app.config import BASE_URL from app.config import BASE_URL
from app.config import CUSTOM_FOOTER from app.config import CUSTOM_FOOTER
from app.config import DEBUG from app.config import DEBUG
from app.config import SESSION_TIMEOUT
from app.config import VERSION from app.config import VERSION
from app.config import generate_csrf_token from app.config import generate_csrf_token
from app.config import session_serializer from app.config import session_serializer
@@ -69,10 +70,10 @@ def is_current_user_admin(request: Request) -> bool:
try: try:
loaded_session = session_serializer.loads( loaded_session = session_serializer.loads(
session_cookie, session_cookie,
max_age=3600 * 12, max_age=SESSION_TIMEOUT,
) )
except Exception: except Exception:
pass logger.exception("Failed to validate session timeout")
else: else:
is_admin = loaded_session.get("is_logged_in") is_admin = loaded_session.get("is_logged_in")