From: Christoph Wurst Date: Fri, 17 Jun 2016 10:08:48 +0000 (+0200) Subject: use token last_activity instead of session value X-Git-Tag: v9.1.0RC1~36^2~7 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=c4149c59c2cfe83b5e4cd2b20b8ad4caf2341ca9;p=nextcloud-server.git use token last_activity instead of session value --- diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php index 84effc5f875..03b8bb5da28 100644 --- a/lib/private/Authentication/Token/DefaultTokenProvider.php +++ b/lib/private/Authentication/Token/DefaultTokenProvider.php @@ -97,14 +97,17 @@ class DefaultTokenProvider implements IProvider { * @throws InvalidTokenException * @param IToken $token */ - public function updateToken(IToken $token) { + public function updateTokenActivity(IToken $token) { if (!($token instanceof DefaultToken)) { throw new InvalidTokenException(); } /** @var DefaultToken $token */ - $token->setLastActivity($this->time->getTime()); - - $this->mapper->update($token); + $now = $this->time->getTime(); + if ($token->getLastActivity() < ($now - 60)) { + // Update token only once per minute + $token->setLastActivity($now); + $this->mapper->update($token); + } } /** diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php index fece7dcb567..e79ba8b30e5 100644 --- a/lib/private/Authentication/Token/IProvider.php +++ b/lib/private/Authentication/Token/IProvider.php @@ -76,7 +76,7 @@ interface IProvider { * * @param IToken $token */ - public function updateToken(IToken $token); + public function updateTokenActivity(IToken $token); /** * Get all token of a user diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 0cebb3e0613..89148dcf8ec 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -237,8 +237,7 @@ class Session implements IUserSession, Emitter { $this->session->set('last_login_check', $now); } - // Session is valid, so the token can be refreshed - $this->updateToken($token); + $this->tokenProvider->updateTokenActivity($token); } /** @@ -541,7 +540,7 @@ class Session implements IUserSession, Emitter { $result = $this->loginWithToken($token->getUID()); if ($result) { // Login success - $this->updateToken($token); + $this->tokenProvider->updateTokenActivity($token); return true; } } @@ -551,19 +550,6 @@ class Session implements IUserSession, Emitter { return false; } - /** - * @param IToken $token - */ - private function updateToken(IToken $token) { - // To save unnecessary DB queries, this is only done once a minute - $lastTokenUpdate = $this->session->get('last_token_update') ? : 0; - $now = $this->timeFacory->getTime(); - if ($lastTokenUpdate < ($now - 60)) { - $this->tokenProvider->updateToken($token); - $this->session->set('last_token_update', $now); - } - } - /** * Tries to login the user with auth token header * diff --git a/tests/lib/Authentication/Token/DefaultTokenProviderTest.php b/tests/lib/Authentication/Token/DefaultTokenProviderTest.php index 98cee208065..86f4842bbc3 100644 --- a/tests/lib/Authentication/Token/DefaultTokenProviderTest.php +++ b/tests/lib/Authentication/Token/DefaultTokenProviderTest.php @@ -97,14 +97,25 @@ class DefaultTokenProviderTest extends TestCase { public function testUpdateToken() { $tk = new DefaultToken(); + $tk->setLastActivity($this->time - 200); $this->mapper->expects($this->once()) ->method('update') ->with($tk); - $this->tokenProvider->updateToken($tk); + $this->tokenProvider->updateTokenActivity($tk); $this->assertEquals($this->time, $tk->getLastActivity()); } + + public function testUpdateTokenDebounce() { + $tk = new DefaultToken(); + $tk->setLastActivity($this->time - 30); + $this->mapper->expects($this->never()) + ->method('update') + ->with($tk); + + $this->tokenProvider->updateTokenActivity($tk); + } public function testGetTokenByUser() { $user = $this->getMock('\OCP\IUser');