Auth: Replace maximum inactive/lifetime settings of days to duration (#27150)

Allows login_maximum_inactive_lifetime_duration and login_maximum_lifetime_duration to be configured using time.Duration-compatible values while retaining backward compatibility. Fixes #17554 Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2025-02-25 18:55:37 -06:00 · 2020-09-14 21:57:38 +08:00
parent f529223455
commit 8d971ab2f2
12 changed files with 122 additions and 49 deletions
--- a/pkg/middleware/middleware.go
+++ b/pkg/middleware/middleware.go
@@ -261,22 +261,21 @@ func rotateEndOfRequestFunc(ctx *models.ReqContext, authTokenService models.User
 		}

 		if rotated {
-			WriteSessionCookie(ctx, token.UnhashedToken, setting.LoginMaxLifetimeDays)
+			WriteSessionCookie(ctx, token.UnhashedToken, setting.LoginMaxLifetime)
 		}
 	}
 }

-func WriteSessionCookie(ctx *models.ReqContext, value string, maxLifetimeDays int) {
+func WriteSessionCookie(ctx *models.ReqContext, value string, maxLifetime time.Duration) {
 	if setting.Env == setting.DEV {
 		ctx.Logger.Info("New token", "unhashed token", value)
 	}

 	var maxAge int
-	if maxLifetimeDays <= 0 {
+	if maxLifetime <= 0 {
 		maxAge = -1
 	} else {
-		maxAgeHours := (time.Duration(setting.LoginMaxLifetimeDays) * 24 * time.Hour) + time.Hour
-		maxAge = int(maxAgeHours.Seconds())
+		maxAge = int(maxLifetime.Seconds())
 	}

 	WriteCookie(ctx.Resp, setting.LoginCookieName, url.QueryEscape(value), maxAge, newCookieOptions)