Hookup UI session expiration

2026-01-13 19:10:07 -03:30 · 2018-06-25 14:39:04 -04:00 · 2018-06-25 14:39:04 -04:00 · ae0793f374
commit ae0793f374
parent 2f108e55f3
4 changed files with 21 additions and 8 deletions
--- a/awx/api/generics.py
+++ b/awx/api/generics.py
@ -87,11 +87,9 @@ class LoggedLoginView(auth_views.LoginView):
        original_user = getattr(request, 'user', None)
        ret = super(LoggedLoginView, self).post(request, *args, **kwargs)
        current_user = getattr(request, 'user', None)
-
-        if current_user and getattr(current_user, 'pk', None) and current_user != original_user:
-            logger.info("User {} logged in.".format(current_user.username))
-        if request.user.is_authenticated:
-            logger.info(smart_text(u"User {} logged in".format(self.request.user.username)))
+        
+        if request.user.is_authenticated and current_user != original_user:
+            logger.info(smart_text(u"User {} logged in.".format(self.request.user.username)))
            ret.set_cookie('userLoggedIn', 'true')
            current_user = UserSerializer(self.request.user)
            current_user = JSONRenderer().render(current_user.data)
--- a/awx/main/middleware.py
+++ b/awx/main/middleware.py
@ -119,6 +119,20 @@ class ActivityStreamMiddleware(threading.local):
                    self.instance_ids.append(instance.id)


+class SessionTimeoutMiddleware(object):
+    """
+    Resets the session timeout for both the UI and the actual session for the API
+    to the value of SESSION_COOKIE_AGE on every request if there is a valid session.
+    """
+
+    def process_response(self, request, response):
+        
+        if request.session:
+            request.session.set_expiry(request.session.get_expiry_age())
+            response['Session-Timeout'] = int(settings.SESSION_COOKIE_AGE)
+        return response
+
+
 def _customize_graph():
    from awx.main.models import Instance, Schedule, UnifiedJobTemplate
    for model in [Schedule, UnifiedJobTemplate]:
--- a/awx/settings/defaults.py
+++ b/awx/settings/defaults.py
@ -200,7 +200,7 @@ SESSION_COOKIE_SECURE = True

 # Seconds before sessions expire.
 # Note: This setting may be overridden by database settings.
-SESSION_COOKIE_AGE = 1209600
+SESSION_COOKIE_AGE = 1800

 # Maximum number of per-user valid, concurrent sessions.
 # -1 is unlimited
@ -261,6 +261,7 @@ MIDDLEWARE_CLASSES = (  # NOQA
    'awx.sso.middleware.SocialAuthMiddleware',
    'crum.CurrentRequestUserMiddleware',
    'awx.main.middleware.URLModificationMiddleware',
+    'awx.main.middleware.SessionTimeoutMiddleware',
 )


--- a/awx/ui/client/src/rest/interceptors.service.js
+++ b/awx/ui/client/src/rest/interceptors.service.js
@ -22,9 +22,9 @@
                    return config;
                },
                response: function(config) {
-                    if(config.headers('auth-token-timeout') !== null){
+                    if(config.headers('Session-Timeout') !== null){
                        $rootScope.loginConfig.promise.then(function () {
-                            $AnsibleConfig.session_timeout = Number(config.headers('auth-token-timeout'));
+                            $AnsibleConfig.session_timeout = Number(config.headers('Session-Timeout'));
                        });
                    }
                    return config;