Cookie session is now auto-refreshed.

2020-06-12 12:00:58 -07:00 · 2020-06-12 12:00:58 -07:00 · dfdaac0549
parent 070bcde280
commit dfdaac0549
3 changed files with 30 additions and 1 deletions
--- a/views/default-mobile.handlebars
+++ b/views/default-mobile.handlebars
@ -739,6 +739,7 @@
        var debugLevel = parseInt('{{{debuglevel}}}');
        var features = parseInt('{{{features}}}');
        var sessionTime = parseInt('{{{sessiontime}}}');
+        var sessionRefreshTimer = null;
        var domain = '{{{domain}}}';
        var domainUrl = '{{{domainurl}}}';
        var authCookie = '{{{authCookie}}}';
@ -799,6 +800,17 @@

            attemptWebRTC = 0; // For now, default WebRTC off unless we set it in the URL.
            if (args.webrtc != null) { attemptWebRTC = (args.webrtc == 1); }
+
+            // Session Refresh Timer
+            sessionRefreshTimer = setInterval(function () {
+                var xdr = null;
+                try { xdr = new XDomainRequest(); } catch (e) { }
+                if (!xdr) xdr = new XMLHttpRequest();
+                xdr.open('GET', window.location.origin + domainUrl + 'refresh.ashx');
+                xdr.timeout = 15000;
+                xdr.onload = xdr.onerror = xdr.ontimeout = function () { };
+                xdr.send();
+            }, Math.round((sessionTime * 60000) * 0.8))
        }

        function onStateChanged(server, state, prevState, errorCode) {
--- a/views/default.handlebars
+++ b/views/default.handlebars
@ -1219,6 +1219,7 @@
        var debugLevel = parseInt('{{{debuglevel}}}');
        var features = parseInt('{{{features}}}');
        var sessionTime = parseInt('{{{sessiontime}}}');
+        var sessionRefreshTimer = null;
        var domain = '{{{domain}}}';
        var domainUrl = '{{{domainurl}}}';
        var authCookie = '{{{authCookie}}}';
@ -1419,6 +1420,17 @@
                    QH('devCustomUIBar', x);
                }
            }
+
+            // Session Refresh Timer
+            sessionRefreshTimer = setInterval(function () {
+                var xdr = null;
+                try { xdr = new XDomainRequest(); } catch (e) { }
+                if (!xdr) xdr = new XMLHttpRequest();
+                xdr.open('GET', window.location.origin + domainUrl + 'refresh.ashx');
+                xdr.timeout = 15000;
+                xdr.onload = xdr.onerror = xdr.ontimeout = function () { };
+                xdr.send();
+            }, Math.round((sessionTime * 60000) * 0.8))
        }

        // Generic handling of custom actions
@ -5025,7 +5037,7 @@
            //for(var i = meshOptions.options.length - 1 ; i > 0 ; i--) { meshOptions.remove(i); }
        }

-        // Make a http get call- Replace this with AJAX get if jquery  is used
+        // Make a http get call
        function getSearchLocation() {
            try {
                var searchdata = Q('mapSearchLocation').value.trim();
--- a/webserver.js
+++ b/webserver.js
@ -2187,6 +2187,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
                var customui = '';
                if (domain.customui != null) { customui = encodeURIComponent(JSON.stringify(domain.customui)); }

+                // Refresh the session
                render(req, res, getRenderPage('default', req, domain), getRenderArgs({ authCookie: authCookie, authRelayCookie: authRelayCookie, viewmode: viewmode, currentNode: currentNode, logoutControls: encodeURIComponent(JSON.stringify(logoutcontrols)).replace(/'/g, '%27'), domain: domain.id, debuglevel: parent.debugLevel, serverDnsName: obj.getWebServerName(domain), serverRedirPort: args.redirport, serverPublicPort: httpsPort, noServerBackup: (args.noserverbackup == 1 ? 1 : 0), features: features, sessiontime: args.sessiontime, mpspass: args.mpspass, passRequirements: passRequirements, customui: customui, webcerthash: Buffer.from(obj.webCertificateFullHashs[domain.id], 'binary').toString('base64').replace(/\+/g, '@').replace(/\//g, '$'), footer: (domain.footer == null) ? '' : domain.footer, webstate: encodeURIComponent(webstate), pluginHandler: (parent.pluginHandler == null) ? 'null' : parent.pluginHandler.prepExports() }, req, domain));
            });
        } else {
@ -4227,6 +4228,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
            // Check the session if bound to the external IP address
            if ((req.session.ip != null) && (req.clientIp != null) && (req.session.ip != req.clientIp)) { req.session = {}; }

+            // Extend the session time by forcing a change to the session every minute.
+            req.session.nowInMinutes = Math.floor(Date.now() / 60e3);
+
            // Detect if this is a file sharing domain, if so, just share files.
            if ((domain != null) && (domain.share != null)) {
                var rpath;
@ -4284,6 +4288,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
            var url = domain.url;
            obj.app.get(url, handleRootRequest);
            obj.app.post(url, handleRootPostRequest);
+            obj.app.get(url + 'refresh.ashx', function (req, res) { res.sendStatus(200); });
            obj.app.get(url + 'backup.zip', handleBackupRequest);
            obj.app.post(url + 'restoreserver.ashx', handleRestoreRequest);
            obj.app.get(url + 'terms', handleTermsRequest);