Keep track of when a session has last been used

If we're going to automatically remove older sessions, it would make
more sense to remove unused sessions, rather than old sessions that are
still in use. But we first need to keep track of when a session has last
been used to do so...

2 files changed, 11 insertions, 1 deletions

diff --git a/lib/VNDB/DB/Users.pm b/lib/VNDB/DB/Users.pm
index 10c90cf6..8805075f 100644
--- a/lib/VNDB/DB/Users.pm
+++ b/lib/VNDB/DB/Users.pm
@@ -6,7 +6,8 @@ use warnings;
 use Exporter 'import';
 
 our @EXPORT = qw|
-  dbUserGet dbUserEdit dbUserAdd dbUserDel dbSessionAdd dbSessionDel
+  dbUserGet dbUserEdit dbUserAdd dbUserDel
+  dbSessionAdd dbSessionDel dbSessionUpdateLastUsed
   dbNotifyGet dbNotifyMarkRead dbNotifyRemove
 |;
 
@@ -66,6 +67,7 @@ sub dbUserGet {
       '(SELECT COUNT(DISTINCT tag) FROM tags_vn WHERE uid = u.id) AS tagcount',
       '(SELECT COUNT(DISTINCT vid) FROM tags_vn WHERE uid = u.id) AS tagvncount',
     ) : (),
+    $o{session} ? q|extract('epoch' from s.lastused) as session_lastused| : (),
   );
 
   my @join = (
@@ -155,6 +157,12 @@ sub dbSessionDel {
 }
 
 
+# uid, token
+sub dbSessionUpdateLastUsed {
+  $_[0]->dbExec(q|UPDATE sessions SET lastused = NOW() WHERE uid = ? AND token = decode(?, 'hex')|, $_[1], $_[2]);
+}
+
+
 # %options->{ uid id what results page }
 # what: titles
 sub dbNotifyGet {
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index 99434c3f..978b882c 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -26,6 +26,8 @@ sub authInit {
   my $token = substr($cookie, 0, 40);
   my $uid  = substr($cookie, 40);
   $self->{_auth} = $uid =~ /^\d+$/ && $self->dbUserGet(uid => $uid, session => $token, what => 'extended notifycount')->[0];
+  # update the sessions.lastused column if lastused < now()'6 hours'
+  $self->dbSessionUpdateLastUsed($uid, $token) if $self->{_auth} && $self->{_auth}{session_lastused} < time()-6*3600;
   return _rmcookie($self) if !$self->{_auth};
 }