diff options
| -rw-r--r-- | config/config.sample.php | 12 | ||||
| -rw-r--r-- | lib/private/Authentication/Token/PublicKeyTokenProvider.php | 6 | ||||
| -rw-r--r-- | tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php | 6 |
3 files changed, 23 insertions, 1 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index 61d7130660d..2710fbf5fdb 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -270,6 +270,18 @@ $CONFIG = [ 'token_auth_enforced' => false, /** + * The interval at which token activity should be updated. + * Increasing this value means that the last activty on the security page gets + * more outdated. + * + * Tokens are still checked every 5 minutes for validity + * max value: 300 + * + * Defaults to ``300`` + */ +'token_auth_activity_update' => 60, + +/** * Whether the bruteforce protection shipped with Nextcloud should be enabled or not. * * Disabling this is discouraged for security reasons. diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index cd2fca5dec8..a6498ca9923 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -215,9 +215,13 @@ class PublicKeyTokenProvider implements IProvider { if (!($token instanceof PublicKeyToken)) { throw new InvalidTokenException("Invalid token type"); } + + $activityInterval = $this->config->getSystemValueInt('token_auth_activity_update', 60); + $activityInterval = min(max($activityInterval, 0), 300); + /** @var DefaultToken $token */ $now = $this->time->getTime(); - if ($token->getLastActivity() < ($now - 60)) { + if ($token->getLastActivity() < ($now - $activityInterval)) { // Update token only once per minute $token->setLastActivity($now); $this->mapper->update($token); diff --git a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php index c16ee7b818e..a815025a509 100644 --- a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php +++ b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php @@ -112,6 +112,12 @@ class PublicKeyTokenProviderTest extends TestCase { public function testUpdateTokenDebounce() { $tk = new PublicKeyToken(); + + $this->config->method('getSystemValueInt') + ->willReturnCallback(function ($value, $default) { + return $default; + }); + $tk->setLastActivity($this->time - 30); $this->mapper->expects($this->never()) ->method('update') |