end
end
- before_filter :user_setup, :check_if_login_required, :set_localization
+ before_filter :session_expiration, :user_setup, :check_if_login_required, :set_localization
filter_parameter_logging :password
rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token
require_dependency "repository/#{scm.underscore}"
end
+ def session_expiration
+ if session[:user_id]
+ if session_expired? && !try_to_autologin
+ reset_session
+ flash[:error] = l(:error_session_expired)
+ redirect_to signin_url
+ else
+ session[:atime] = Time.now.utc.to_i
+ end
+ end
+ end
+
+ def session_expired?
+ if Setting.session_lifetime?
+ unless session[:ctime] && (Time.now.utc.to_i - session[:ctime].to_i <= Setting.session_lifetime.to_i * 60)
+ return true
+ end
+ end
+ if Setting.session_timeout?
+ unless session[:atime] && (Time.now.utc.to_i - session[:atime].to_i <= Setting.session_timeout.to_i * 60)
+ return true
+ end
+ end
+ false
+ end
+
+ def start_user_session(user)
+ session[:user_id] = user.id
+ session[:ctime] = Time.now.utc.to_i
+ session[:atime] = Time.now.utc.to_i
+ end
+
def user_setup
# Check the settings cache for each request
Setting.check_cache
if session[:user_id]
# existing session
(User.active.find(session[:user_id]) rescue nil)
- elsif cookies[:autologin] && Setting.autologin?
- # auto-login feature starts a new session
- user = User.try_to_autologin(cookies[:autologin])
- session[:user_id] = user.id if user
+ elsif user = try_to_autologin
user
elsif params[:format] == 'atom' && params[:key] && request.get? && accept_rss_auth?
# RSS key authentication does not start a session
end
end
+ def try_to_autologin
+ if cookies[:autologin] && Setting.autologin?
+ # auto-login feature starts a new session
+ user = User.try_to_autologin(cookies[:autologin])
+ if user
+ reset_session
+ start_user_session(user)
+ end
+ user
+ end
+ end
+
# Sets the logged in user
def logged_user=(user)
reset_session
if user && user.is_a?(User)
User.current = user
- session[:user_id] = user.id
+ start_user_session(user)
else
User.current = User.anonymous
end
<p><%= setting_check_box :rest_api_enabled %></p>
</div>
+<fieldset class="box">
+ <legend><%= l(:label_session_expiration) %></legend>
+
+ <div class="tabular settings">
+ <p><%= setting_select :session_lifetime, [[l(:label_disabled), 0]] + [1, 7, 30, 60, 365].collect{|days| [l('datetime.distance_in_words.x_days', :count => days), (days * 60 * 24).to_s]} %></p>
+ <p><%= setting_select :session_timeout, [[l(:label_disabled), 0]] + [1, 2, 4, 8, 12, 24, 48].collect{|hours| [l('datetime.distance_in_words.x_hours', :count => hours), (hours * 60).to_s]} %></p>
+ </div>
+
+ <p><em class="info"><%= l(:text_session_expiration_settings) %></em></p>
+</fieldset>
+
<%= submit_tag l(:button_save) %>
<% end %>
about_x_hours:
one: "حوالي ساعة"
other: "ساعات %{count}حوالي "
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "يوم"
other: "%{count} أيام"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "около 1 час"
other: "около %{count} часа"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 ден"
other: "%{count} дена"
description_date_range_interval: Изберете диапазон чрез задаване на начална и крайна дати
description_date_from: Въведете начална дата
description_date_to: Въведете крайна дата
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "oko 1 sahat"
other: "oko %{count} sahata"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 dan"
other: "%{count} dana"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "aproximadament 1 hora"
other: "aproximadament %{count} hores"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 dia"
other: "%{count} dies"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "asi 1 hodina"
other: "asi %{count} hodin"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 den"
other: "%{count} dnů"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "cirka en time"
other: "cirka %{count} timer"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "en dag"
other: "%{count} dage"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: 'etwa 1 Stunde'
other: 'etwa %{count} Stunden'
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: '1 Tag'
other: '%{count} Tagen'
setting_unsubscribe: Erlaubt Benutzern das eigene Benutzerkonto zu löschen
button_delete_my_account: Mein Benutzerkonto löschen
text_account_destroy_confirmation: Möchten Sie wirklich fortfahren?\nIhr Benutzerkonto wird für immer gelöscht und kann nicht wiederhergestellt werden.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "περίπου 1 ώρα"
other: "περίπου %{count} ώρες"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 ημέρα"
other: "%{count} ημέρες"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "about 1 hour"
other: "about %{count} hours"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 day"
other: "%{count} days"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "about 1 hour"
other: "about %{count} hours"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 day"
other: "%{count} days"
error_unable_delete_issue_status: 'Unable to delete issue status'
error_unable_to_connect: "Unable to connect (%{value})"
error_attachment_too_big: "This file cannot be uploaded because it exceeds the maximum allowed file size (%{max_size})"
+ error_session_expired: "Your session has expired. Please login again."
warning_attachments_not_saved: "%{count} file(s) could not be saved."
mail_subject_lost_password: "Your %{value} password"
setting_default_issue_start_date_to_creation_date: Use current date as start date for new issues
setting_commit_cross_project_ref: Allow issues of all the other projects to be referenced and fixed
setting_unsubscribe: Allow users to delete their own account
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
permission_add_project: Create project
permission_add_subprojects: Create subprojects
label_item_position: "%{position} of %{count}"
label_completed_versions: Completed versions
label_search_for_watchers: Search for watchers to add
+ label_session_expiration: Session expiration
button_login: Login
button_submit: Submit
text_issue_conflict_resolution_add_notes: "Add my notes and discard my other changes"
text_issue_conflict_resolution_cancel: "Discard all my changes and redisplay %{link}"
text_account_destroy_confirmation: "Are you sure you want to proceed?\nYour account will be permanently deleted, with no way to reactivate it."
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
default_role_manager: Manager
default_role_developer: Developer
about_x_hours:
one: "alrededor de 1 hora"
other: "alrededor de %{count} horas"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 día"
other: "%{count} días"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "umbes 1 tund"
other: "umbes %{count} tundi"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 päev"
other: "%{count} päeva"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "ordu 1 inguru"
other: "%{count} ordu inguru"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "egun 1"
other: "%{count} egun"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "نزدیک 1 ساعت"
other: "نزدیک %{count} ساعت"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 روز"
other: "%{count} روز"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "noin tunti"
other: "noin %{count} tuntia"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "päivä"
other: "%{count} päivää"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "environ une heure"
other: "environ %{count} heures"
+ x_hours:
+ one: "une heure"
+ other: "%{count} heures"
x_days:
one: "un jour"
other: "%{count} jours"
error_workflow_copy_target: 'Veuillez sélectionner les trackers et rôles cibles'
error_issue_done_ratios_not_updated: L'avancement des demandes n'a pas pu être mis à jour.
error_attachment_too_big: Ce fichier ne peut pas être attaché car il excède la taille maximale autorisée (%{max_size})
+ error_session_expired: "Votre session a expiré. Veuillez vous reconnecter."
warning_attachments_not_saved: "%{count} fichier(s) n'ont pas pu être sauvegardés."
setting_default_issue_start_date_to_creation_date: Donner à la date de début d'une nouvelle demande la valeur de la date du jour
setting_commit_cross_project_ref: Permettre le référencement et la résolution des demandes de tous les autres projets
setting_unsubscribe: Permettre aux utilisateurs de supprimer leur propre compte
+ setting_session_lifetime: Durée de vie maximale des sessions
+ setting_session_timeout: Durée maximale d'inactivité
permission_add_project: Créer un projet
permission_add_subprojects: Créer des sous-projets
label_copy_attachments: Copier les fichiers
label_item_position: "%{position} sur %{count}"
label_completed_versions: Versions passées
+ label_session_expiration: Expiration des sessions
button_login: Connexion
button_submit: Soumettre
text_issue_conflict_resolution_add_notes: "Ajouter mes notes et ignorer mes autres changements"
text_issue_conflict_resolution_cancel: "Annuler ma mise à jour et réafficher %{link}"
text_account_destroy_confirmation: "Êtes-vous sûr de vouloir continuer ?\nVotre compte sera définitivement supprimé, sans aucune possibilité de le réactiver."
+ text_session_expiration_settings: "Attention : le changement de ces paramètres peut entrainer l'expiration des sessions utilisateurs en cours, y compris la vôtre."
default_role_manager: "Manager "
default_role_developer: "Développeur "
about_x_hours:
one: 'aproximadamente unha hora'
other: '%{count} horas'
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: '1 día'
other: '%{count} días'
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: 'בערך שעה אחת'
other: 'בערך %{count} שעות'
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: 'יום אחד'
other: '%{count} ימים'
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "oko sat vremena"
other: "oko %{count} sati"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 dan"
other: "%{count} dana"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: 'csaknem 1 órája'
other: 'csaknem %{count} órája'
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: '1 napja'
other: '%{count} napja'
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "sekitar sejam"
other: "sekitar %{count} jam"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "sehari"
other: "%{count} hari"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "circa un'ora"
other: "circa %{count} ore"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 giorno"
other: "%{count} giorni"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "約1時間"
other: "約%{count}時間"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1日"
other: "%{count}日"
text_account_destroy_confirmation: |-
本当にアカウントを削除しますか?
アカウントは恒久的に削除されます。削除後に再度アカウントを有効にする手段はありません。
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "약 한시간"
other: "약 %{count}시간"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "하루"
other: "%{count}일"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "apie 1 valanda"
other: "apie %{count} valandų"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 diena"
other: "%{count} dienų"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "aptuveni 1 stunda"
other: "aptuveni %{count} stundas"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 diena"
other: "%{count} dienas"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "околу 1 час"
other: "околу %{count} часа"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 ден"
other: "%{count} дена"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "1 цаг орчим"
other: "ойролцоогоор %{count} цаг"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 өдөр"
other: "%{count} өдөр"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "ongeveer 1 uur"
other: "ongeveer %{count} uren"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 dag"
other: "%{count} dagen"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "rundt 1 time"
other: "rundt %{count} timer"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 dag"
other: "%{count} dager"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "około godziny"
other: "około %{count} godzin"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 dzień"
other: "%{count} dni"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: 'aproximadamente 1 hora'
other: 'aproximadamente %{count} horas'
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: '1 dia'
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "aproximadamente 1 hora"
other: "aproximadamente %{count} horas"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 dia"
other: "%{count} dias"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "aproximativ o oră"
other: "aproximativ %{count} ore"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "o zi"
other: "%{count} zile"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
few: "около %{count} часов"
many: "около %{count} часов"
other: "около %{count} часа"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "%{count} день"
few: "%{count} дня"
setting_unsubscribe: "Разрешить пользователям удалять свои учетные записи"
button_delete_my_account: "Удалить мою учетную запись"
text_account_destroy_confirmation: "Ваша учетная запись будет полностью удалена без возможности восстановления.\nВы уверены, что хотите продолжить?"
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "okolo 1 hodiny"
other: "okolo %{count} hodín"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 deň"
other: "%{count} dní"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "okrog 1. ure"
other: "okrog %{count} ur"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 dan"
other: "%{count} dni"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "about 1 hour"
other: "about %{count} hours"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 day"
other: "%{count} days"
description_date_range_interval: Choose range by selecting start and end date
description_date_from: Enter start date
description_date_to: Enter end date
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "približno jedan sat"
other: "približno %{count} sati"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "jedan dan"
other: "%{count} dana"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "приближно један сат"
other: "приближно %{count} сати"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "један дан"
other: "%{count} дана"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "ungefär en timme"
other: "ungefär %{count} timmar"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "en dag"
other: "%{count} dagar"
description_date_range_interval: Ange intervall genom att välja start- och slutdatum
description_date_from: Ange startdatum
description_date_to: Ange slutdatum
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "about 1 hour"
other: "about %{count} hours"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 day"
other: "%{count} days"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: 'yaklaşık 1 saat'
other: 'yaklaşık %{count} saat'
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: '1 gün'
other: '%{count} gün'
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "about 1 hour"
other: "about %{count} hours"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 day"
other: "%{count} days"
setting_unsubscribe: "Дозволити користувачам видаляти свої облікові записи"
button_delete_my_account: "Видалити мій обліковий запис"
text_account_destroy_confirmation: "Ваш обліковий запис буде повністю видалений без можливості відновлення.\nВи певні, что бажаете продовжити?"
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "khoảng 1 giờ"
other: "khoảng %{count} giờ"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 ngày"
other: "%{count} ngày"
text_account_destroy_confirmation: |-
Are you sure you want to proceed?
Your account will be permanently deleted, with no way to reactivate it.
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "約 1 小時"
other: "約 %{count} 小時"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "1 天"
other: "%{count} 天"
description_date_range_interval: 選擇起始與結束日期以設定範圍區間
description_date_from: 輸入起始日期
description_date_to: 輸入結束日期
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
about_x_hours:
one: "大约一小时"
other: "大约 %{count} 小时"
+ x_hours:
+ one: "1 hour"
+ other: "%{count} hours"
x_days:
one: "一天"
other: "%{count} 天"
text_account_destroy_confirmation: |-
确定继续处理?
您的账号一旦删除,将无法再次激活使用。
+ error_session_expired: Your session has expired. Please login again.
+ text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours."
+ setting_session_lifetime: Session maximum lifetime
+ setting_session_timeout: Session inactivity timeout
+ label_session_expiration: Session expiration
password_min_length:
format: int
default: 4
+# Maximum lifetime of user sessions in minutes
+session_lifetime:
+ format: int
+ default: 0
+# User session timeout in minutes
+session_timeout:
+ format: int
+ default: 0
attachment_max_size:
format: int
default: 5120
== TBD v1.4.4
* Defect #11112: REST API - custom fields in POST/PUT ignored for time_entries
+* Feature #6597: Configurable session lifetime and timeout
* Patch #11113: Small glitch in German localization
== 2012-06-05 v1.4.3
--- /dev/null
+# Redmine - project management software
+# Copyright (C) 2006-2012 Jean-Philippe Lang
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+require File.expand_path('../../test_helper', __FILE__)
+
+class SessionStartTest < ActionController::TestCase
+ tests AccountController
+
+ def test_login_should_set_session_timestamps
+ post :login, :username => 'jsmith', :password => 'jsmith'
+ assert_response 302
+ assert_equal 2, session[:user_id]
+ assert_not_nil session[:ctime]
+ assert_not_nil session[:atime]
+ end
+end
+
+class SessionsTest < ActionController::TestCase
+ tests WelcomeController
+
+ def test_atime_from_user_session_should_be_updated
+ created = 2.hours.ago.utc.to_i
+ get :index, {}, {:user_id => 2, :ctime => created, :atime => created}
+ assert_response :success
+ assert_equal created, session[:ctime]
+ assert_not_equal created, session[:atime]
+ assert session[:atime] > created
+ end
+
+ def test_user_session_should_not_be_reset_if_lifetime_and_timeout_disabled
+ with_settings :session_lifetime => '0', :session_timeout => '0' do
+ get :index, {}, {:user_id => 2}
+ assert_response :success
+ end
+ end
+
+ def test_user_session_without_ctime_should_be_reset_if_lifetime_enabled
+ with_settings :session_lifetime => '720' do
+ get :index, {}, {:user_id => 2}
+ assert_redirected_to '/login'
+ end
+ end
+
+ def test_user_session_with_expired_ctime_should_be_reset_if_lifetime_enabled
+ with_settings :session_timeout => '720' do
+ get :index, {}, {:user_id => 2, :atime => 2.days.ago.utc.to_i}
+ assert_redirected_to '/login'
+ end
+ end
+
+ def test_user_session_with_valid_ctime_should_not_be_reset_if_lifetime_enabled
+ with_settings :session_timeout => '720' do
+ get :index, {}, {:user_id => 2, :atime => 3.hours.ago.utc.to_i}
+ assert_response :success
+ end
+ end
+
+ def test_user_session_without_atime_should_be_reset_if_timeout_enabled
+ with_settings :session_timeout => '60' do
+ get :index, {}, {:user_id => 2}
+ assert_redirected_to '/login'
+ end
+ end
+
+ def test_user_session_with_expired_atime_should_be_reset_if_timeout_enabled
+ with_settings :session_timeout => '60' do
+ get :index, {}, {:user_id => 2, :atime => 4.hours.ago.utc.to_i}
+ assert_redirected_to '/login'
+ end
+ end
+
+ def test_user_session_with_valid_atime_should_not_be_reset_if_timeout_enabled
+ with_settings :session_timeout => '60' do
+ get :index, {}, {:user_id => 2, :atime => 10.minutes.ago.utc.to_i}
+ assert_response :success
+ end
+ end
+
+ def test_expired_user_session_should_be_restarted_if_autologin
+ with_settings :session_lifetime => '720', :session_timeout => '60', :autologin => 7 do
+ token = Token.create!(:user_id => 2, :action => 'autologin', :created_on => 1.day.ago)
+ @request.cookies['autologin'] = token.value
+ created = 2.hours.ago.utc.to_i
+
+ get :index, {}, {:user_id => 2, :ctime => created, :atime => created}
+ assert_equal 2, session[:user_id]
+ assert_response :success
+ assert_not_equal created, session[:ctime]
+ assert session[:ctime] >= created
+ end
+ end
+
+ def test_anonymous_session_should_not_be_reset
+ with_settings :session_lifetime => '720', :session_timeout => '60' do
+ get :index
+ assert_response :success
+ end
+ end
+end
projects / redmine.git / commitdiff