summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/VNDB/DB/Users.pm7
-rw-r--r--lib/VNDB/Util/Auth.pm5
-rw-r--r--util/sql/schema.sql2
-rw-r--r--util/updates/update_2.11.sql3
4 files changed, 8 insertions, 9 deletions
diff --git a/lib/VNDB/DB/Users.pm b/lib/VNDB/DB/Users.pm
index 8805075f..63ac2270 100644
--- a/lib/VNDB/DB/Users.pm
+++ b/lib/VNDB/DB/Users.pm
@@ -137,12 +137,9 @@ sub dbUserDel {
# Adds a session to the database
-# If no expiration is supplied the database default is used
-# uid, 40 character session token, expiration time (timestamp)
+# uid, 40 character session token
sub dbSessionAdd {
- my($s, @o) = @_;
- $s->dbExec(q|INSERT INTO sessions (uid, token, expiration) VALUES(?, decode(?, 'hex'), to_timestamp(?))|,
- @o[0,1], $o[2]||(time+31536000));
+ $_[0]->dbExec(q|INSERT INTO sessions (uid, token) VALUES(?, decode(?, 'hex'))|, @_[1,2]);
}
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index 978b882c..2d133476 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -42,11 +42,10 @@ sub authLogin {
if(_authCheck($self, $user, $pass)) {
my $token = sha1_hex(join('', Time::HiRes::gettimeofday()) . join('', map chr(rand(93)+33), 1..9));
- my $expiration = time + 31536000; # 1yr
my $cookie = $token . $self->{_auth}{id};
- $self->dbSessionAdd($self->{_auth}{id}, $token, $expiration);
+ $self->dbSessionAdd($self->{_auth}{id}, $token);
- my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime($expiration));
+ my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime(time + 31536000)); # keep the cookie for 1 year
$self->resRedirect($to, 'post');
$self->resHeader('Set-Cookie', "vndb_auth=$cookie; expires=$expstr; path=/; domain=$self->{cookie_domain}");
return 1;
diff --git a/util/sql/schema.sql b/util/sql/schema.sql
index f0091929..557b75a1 100644
--- a/util/sql/schema.sql
+++ b/util/sql/schema.sql
@@ -172,7 +172,7 @@ CREATE TABLE screenshots (
CREATE TABLE sessions (
uid integer NOT NULL,
token bytea NOT NULL,
- expiration timestamptz NOT NULL DEFAULT (now() + '1 year'::interval),
+ added timestamptz NOT NULL DEFAULT NOW(),
lastused timestamptz NOT NULL DEFAULT NOW(),
PRIMARY KEY (uid, token)
);
diff --git a/util/updates/update_2.11.sql b/util/updates/update_2.11.sql
index 09efd7d6..c59b2815 100644
--- a/util/updates/update_2.11.sql
+++ b/util/updates/update_2.11.sql
@@ -84,4 +84,7 @@ DROP FUNCTION tmp_edit_hidlock(text, integer);
-- keep track of when a session is last used
ALTER TABLE sessions ADD COLUMN lastused timestamptz NOT NULL DEFAULT NOW();
+ALTER TABLE sessions RENAME COLUMN expiration TO added;
+UPDATE sessions SET added = added - '1 year'::interval;
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-18 15:52:34 +0000