web - fix login timeout
This commit is contained in:
parent
5457ff3f05
commit
8ed3d8cbf5
@ -100,6 +100,17 @@ methods.start = () => {
|
||||
}
|
||||
app.use(session_handler(session_options));
|
||||
|
||||
// login timeout, clear on all requests
|
||||
app.use((req, res, next) => {
|
||||
if(req.session && req.session.user && req.session.user.login_timeout) {
|
||||
if(Date.now() > req.session.user.login_timeout + cfg.web.loginTimeout * 1000) {
|
||||
res.clearCookie('RememberMe');
|
||||
req.session.destroy();
|
||||
}
|
||||
}
|
||||
next();
|
||||
})
|
||||
|
||||
// web routes
|
||||
let mRoutes = require(global['__dirname']+'/bin/web/routes/static');
|
||||
let mainRoutes = await mRoutes.getRoutes();
|
||||
|
@ -27,15 +27,6 @@ module.exports = {
|
||||
}));
|
||||
}
|
||||
|
||||
if(Date.now() > req.session.user.loginTimeout + cfg.web.loginTimeout) {
|
||||
res.clearCookie('RememberMe');
|
||||
req.session.destroy();
|
||||
return res.type('json').status(401).end(JSON.stringify({
|
||||
status: 401,
|
||||
message: 'msg.auth.login.failed'
|
||||
}));
|
||||
}
|
||||
|
||||
let mfa = sanitize(req.body.mfa);
|
||||
user = await db.getUser(req.session.user.id);
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user