session_life_time -> session_lifetime

default session_lifetime is 24hrs
recreation of session is triggered at 50% of the session life time

diff --git a/config/config.sample.php b/config/config.sample.php
index 9254365e3e2c51461686d3ff88b7d95f83a7a288..dfa29f329c468b31c334e7ae6121d06c1996b6e6 100644 (file)
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -146,7 +146,7 @@ $CONFIG = array(
 "remember_login_cookie_lifetime" => 60*60*24*15,
 
 /* Life time of a session after inactivity */
-"session_life_time" => 60 * 60 * 12,
+"session_lifetime" => 60 * 60 * 24,
 
 /* Custom CSP policy, changing this will overwrite the standard policy */
 "custom_csp_policy" => "default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src *; font-src 'self' data:; media-src *",

diff --git a/lib/base.php b/lib/base.php
index 7097a376d6ebbf24a98444a42a1c81955931bbca..af54f4391552167f0fa000c77a910f0c52b5471d 100644 (file)
--- a/lib/base.php
+++ b/lib/base.php
@@ -315,7 +315,7 @@ class OC {
                // regenerate session id periodically to avoid session fixation
                if (!self::$session->exists('SID_CREATED')) {
                        self::$session->set('SID_CREATED', time());
-               } else if (time() - self::$session->get('SID_CREATED') > $sessionLifeTime) {
+               } else if (time() - self::$session->get('SID_CREATED') > $sessionLifeTime / 2) {
                        session_regenerate_id(true);
                        self::$session->set('SID_CREATED', time());
                }
@@ -337,7 +337,7 @@ class OC {
         * @return int
         */
        private static function getSessionLifeTime() {
-               return OC_Config::getValue('session_life_time', 60 * 60 * 12);
+               return OC_Config::getValue('session_lifetime', 60 * 60 * 24);
        }
 
        public static function getRouter() {