diff --git a/src/Socialbox/Classes/Configuration.php b/src/Socialbox/Classes/Configuration.php
index fcae5b0..2b0338a 100644
--- a/src/Socialbox/Classes/Configuration.php
+++ b/src/Socialbox/Classes/Configuration.php
@@ -123,6 +123,9 @@
 // Server Policies
 // The maximum number of signing keys a peer can register onto the server at once
 $config->setDefault('policies.max_signing_keys', 20);
+ // The amount of time in seconds it takes before a session is considered expired due to inactivity
+ // Default: 12hours
+ $config->setDefault('policies.session_inactivity_expires', 43200);
 // Storage configuration
 $config->setDefault('storage.path', '/etc/socialbox'); // The main path for file storage
diff --git a/src/Socialbox/Classes/Configuration/PoliciesConfiguration.php b/src/Socialbox/Classes/Configuration/PoliciesConfiguration.php
index 90b356d..3d9bef0 100644
--- a/src/Socialbox/Classes/Configuration/PoliciesConfiguration.php
+++ b/src/Socialbox/Classes/Configuration/PoliciesConfiguration.php
@@ -5,10 +5,12 @@
 class PoliciesConfiguration
 {
 private int $maxSigningKeys;
+ private int $sessionInactivityExpires;
 public function __construct(array $data)
 {
 $this->maxSigningKeys = $data['max_signing_keys'];
+ $this->sessionInactivityExpires = $data['session_inactivity_expires'];
 }
 /**
@@ -18,4 +20,12 @@
 {
 return $this->maxSigningKeys;
 }
+
+ /**
+ * @return int
+ */
+ public function getSessionInactivityExpires(): int
+ {
+ return $this->sessionInactivityExpires;
+ }
 }
\ No newline at end of file
diff --git a/src/Socialbox/Objects/Database/SessionRecord.php b/src/Socialbox/Objects/Database/SessionRecord.php
index ec21c7c..49091d4 100644
--- a/src/Socialbox/Objects/Database/SessionRecord.php
+++ b/src/Socialbox/Objects/Database/SessionRecord.php
@@ -3,6 +3,7 @@
 namespace Socialbox\Objects\Database;
 use DateTime;
+ use Socialbox\Classes\Configuration;
 use Socialbox\Enums\Flags\SessionFlags;
 use Socialbox\Enums\SessionState;
 use Socialbox\Interfaces\SerializableInterface;
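Review bot: In PoliciesConfiguration.php the constructor copies `$data['session_inactivity_expires']` into the property with no range check, so a zero or negative timeout in the configuration file is accepted as a valid policy. Because this value decides when sessions stop being honoured, it is worth rejecting bad values at load time, e.g. `if($this->sessionInactivityExpires <= 0) { throw new \InvalidArgumentException('policies.session_inactivity_expires must be a positive number of seconds'); }`. The getter's docblock could also state the unit, for example `@return int The inactivity timeout in seconds`. Whether `setDefault` in Configuration.php back-fills the key into configuration files saved before this change is not visible in the diff, so confirm that an upgraded install does not reach the constructor with the key missing.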
@@ -165,6 +166,12 @@
 */
 public function getState(): SessionState
 {
+ $expires = time() + Configuration::getPoliciesConfiguration()->getSessionInactivityExpires();
+ if($this->lastRequest !== null && $this->lastRequest->getTimestamp() > $expires)
+ {
+ return SessionState::EXPIRED;
+ }
+
 return $this->state;
 }
diff --git a/src/Socialbox/Socialbox.php b/src/Socialbox/Socialbox.php
index 3895268..519b3ba 100644
--- a/src/Socialbox/Socialbox.php
+++ b/src/Socialbox/Socialbox.php
@@ -409,7 +409,18 @@
 // Verify if the session is active
 if($session->getState() !== SessionState::ACTIVE)
 {
- self::returnError(403, StandardError::FORBIDDEN, 'Session is not active');
+ self::returnError(403, StandardError::FORBIDDEN, 'Session is not active (' . $session->getState()->value . ')');
+ return;
+ }
+
+ try
+ {
+ SessionManager::updateLastRequest($session->getUuid());
+ }
+ catch (DatabaseOperationException $e)
+ {
+ Logger::getLogger()->error('Failed to update the last request time for the session', $e);
+ self::returnError(500, StandardError::INTERNAL_SERVER_ERROR, 'Failed to update the session', $e);
 return;
 }
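Review bot: The inactivity check in `SessionRecord::getState()` compares in the wrong direction, so an idle session is never reported as `EXPIRED`. `$expires` is the current time plus the timeout, which means `$this->lastRequest->getTimestamp() > $expires` only holds when the last request lies more than the timeout in the future. Measure the idle time from the last request instead: `if($this->lastRequest !== null && (time() - $this->lastRequest->getTimestamp()) > Configuration::getPoliciesConfiguration()->getSessionInactivityExpires())`. A session whose `lastRequest` is still null also never expires on this path; if the record carries a creation timestamp (not visible in this hunk), falling back to it would close that gap.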
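Review bot: In Socialbox.php, `SessionManager::updateLastRequest()` runs as soon as the state check passes, and the rest of the enclosing method is outside the hunk. If the request's signature or other proof of key possession is verified later in that method, a request that merely names a valid session UUID would still refresh the inactivity timer. Moving the update after the last authentication step, with a comment such as `// Refresh the inactivity timer only for authenticated requests`, keeps the timeout tied to real activity by the session owner. Also confirm that `returnError(500, ..., $e)` does not send the `DatabaseOperationException` detail to the client; how `returnError` handles its last argument is not visible here.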