src/Socialbox/Classes/Configuration.php

@@ -123,6 +123,9 @@
             // Server Policies
             // The maximum number of signing keys a peer can register onto the server at once
             $config->setDefault('policies.max_signing_keys', 20);
+            // The amount of time in seconds it takes before a session is considered expired due to inactivity
+            // Default: 12hours
+            $config->setDefault('policies.session_inactivity_expires', 43200);
 
             // Storage configuration
             $config->setDefault('storage.path', '/etc/socialbox'); // The main path for file storage

src/Socialbox/Classes/Configuration/PoliciesConfiguration.php

@@ -5,10 +5,12 @@
     class PoliciesConfiguration
     {
         private int $maxSigningKeys;
+        private int $sessionInactivityExpires;
 
         public function __construct(array $data)
         {
             $this->maxSigningKeys = $data['max_signing_keys'];
+            $this->sessionInactivityExpires = $data['session_inactivity_expires'];
         }
 
         /**
@@ -18,4 +20,12 @@
         {
             return $this->maxSigningKeys;
         }
+
+        /**
+         * @return int
+         */
+        public function getSessionInactivityExpires(): int
+        {
+            return $this->sessionInactivityExpires;
+        }
     }

src/Socialbox/Objects/Database/SessionRecord.php

@@ -3,6 +3,7 @@
     namespace Socialbox\Objects\Database;
 
     use DateTime;
+    use Socialbox\Classes\Configuration;
     use Socialbox\Enums\Flags\SessionFlags;
     use Socialbox\Enums\SessionState;
     use Socialbox\Interfaces\SerializableInterface;
@@ -165,6 +166,12 @@
          */
         public function getState(): SessionState
         {
+            $expires = time() + Configuration::getPoliciesConfiguration()->getSessionInactivityExpires();
+            if($this->lastRequest !== null && $this->lastRequest->getTimestamp() > $expires)
+            {
+                return SessionState::EXPIRED;
+            }
+
             return $this->state;
         }
 

src/Socialbox/Socialbox.php

@@ -409,7 +409,18 @@
             // Verify if the session is active
             if($session->getState() !== SessionState::ACTIVE)
             {
-                self::returnError(403, StandardError::FORBIDDEN, 'Session is not active');
+                self::returnError(403, StandardError::FORBIDDEN, 'Session is not active (' . $session->getState()->value . ')');
+                return;
+            }
+
+            try
+            {
+                SessionManager::updateLastRequest($session->getUuid());
+            }
+            catch (DatabaseOperationException $e)
+            {
+                Logger::getLogger()->error('Failed to update the last request time for the session', $e);
+                self::returnError(500, StandardError::INTERNAL_SERVER_ERROR, 'Failed to update the session', $e);
                 return;
             }