extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2025-06-19 03:16:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Disable inactivity tracking for user authenticated against bearer token

Browse Source
This commit is contained in:
Bubka 2021-10-29 21:51:58 +02:00
parent 25bb4d95ea
commit 8318f0f7a6
2 changed files with 9 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Middleware/LogUserLastSeen.php
View File

@ -18,7 +18,7 @@ class LogUserLastSeen
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
if( Auth::guard('api')->check() ) { if( Auth::guard('api')->check() && !$request->bearerToken()) {
Auth::guard('api')->user()->last_seen_at = Carbon::now()->format('Y-m-d H:i:s'); Auth::guard('api')->user()->last_seen_at = Carbon::now()->format('Y-m-d H:i:s');
Auth::guard('api')->user()->save(); Auth::guard('api')->user()->save();
} }

28
app/Http/Middleware/LogoutInactiveUser.php
View File

@ -18,24 +18,20 @@ class LogoutInactiveUser
* @param \Closure $next * @param \Closure $next
* @return mixed * @return mixed
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next, $guard = null)
{ {
// We do not track activity of non-logged-in user or user authenticated against a bearer token
// Not a logged in user if (!Auth::guard('api')->check() || $request->bearerToken()) {
if (!Auth::guard('api')->check()) {
return $next($request); return $next($request);
} }
$user = Auth::guard('api')->user(); $user = Auth::guard($guard)->user();
$now = Carbon::now(); $now = Carbon::now();
$inactiveFor = $now->diffInSeconds(Carbon::parse($user->last_seen_at)); $inactiveFor = $now->diffInSeconds(Carbon::parse($user->last_seen_at));
// Fetch all setting values // Fetch all setting values
$settingService = resolve('App\Services\SettingServiceInterface'); $settingService = resolve('App\Services\SettingServiceInterface');
$settings = $settingService->all(); $kickUserAfterXSecond = intval($settingService->get('kickUserAfter')) * 60;
$kickUserAfterXSecond = intval($settings['kickUserAfter']) * 60;
// If user has been inactive longer than the allowed inactivity period // If user has been inactive longer than the allowed inactivity period
if ($kickUserAfterXSecond > 0 && $inactiveFor > $kickUserAfterXSecond) { if ($kickUserAfterXSecond > 0 && $inactiveFor > $kickUserAfterXSecond) {
@ -43,20 +39,12 @@ class LogoutInactiveUser
$user->last_seen_at = $now->format('Y-m-d H:i:s'); $user->last_seen_at = $now->format('Y-m-d H:i:s');
$user->save(); $user->save();
$accessToken = $user->token(); Auth::logout();
Log::notice('Inactive user detected, authentication rejected');
// phpunit does not generate token during tests, so we revoke it only if it exists
// @codeCoverageIgnoreStart
if( $accessToken ) {
$accessToken->revoke();
}
// @codeCoverageIgnoreEnd
Log::notice('Inactive user detected, access token revoked');
return response()->json(['message' => 'unauthorised'], Response::HTTP_UNAUTHORIZED); return response()->json(['message' => 'unauthorised'], Response::HTTP_UNAUTHORIZED);
} }
return $next($request); return $next($request);
} }
} }