Mercurial > gemma
diff pkg/auth/session.go @ 2639:0db742c7813d
Make session timeout configurable
Useful e.g. for testing, long running scripts, coping with a client
clock which is more than 3 hours fast and maybe more.
Even configuring a timeout <= 0 might be useful to actually prevent
clients from doing anything.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Thu, 14 Mar 2019 11:15:43 +0100 |
parents | 20b9c3f261db |
children | 7cccf7fef3e8 |
line wrap: on
line diff
--- a/pkg/auth/session.go Thu Mar 14 10:50:18 2019 +0100 +++ b/pkg/auth/session.go Thu Mar 14 11:15:43 2019 +0100 @@ -21,6 +21,7 @@ "time" "gemma.intevation.de/gemma/pkg/common" + "gemma.intevation.de/gemma/pkg/config" "gemma.intevation.de/gemma/pkg/misc" ) @@ -66,7 +67,6 @@ const ( sessionKeyLength = 20 - maxTokenValid = time.Hour * 3 ) // newSession creates a new session. @@ -74,7 +74,7 @@ // Create the Claims return &Session{ - ExpiresAt: time.Now().Add(maxTokenValid).Unix(), + ExpiresAt: time.Now().Add(config.SessionTimeout()).Unix(), User: user, Roles: roles, }