From c4149c59c2cfe83b5e4cd2b20b8ad4caf2341ca9 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Fri, 17 Jun 2016 12:08:48 +0200 Subject: use token last_activity instead of session value --- .../Authentication/Token/DefaultTokenProvider.php | 11 +++++++---- lib/private/Authentication/Token/IProvider.php | 2 +- lib/private/User/Session.php | 18 ++---------------- 3 files changed, 10 insertions(+), 21 deletions(-) (limited to 'lib') diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php index 84effc5f875..03b8bb5da28 100644 --- a/lib/private/Authentication/Token/DefaultTokenProvider.php +++ b/lib/private/Authentication/Token/DefaultTokenProvider.php @@ -97,14 +97,17 @@ class DefaultTokenProvider implements IProvider { * @throws InvalidTokenException * @param IToken $token */ - public function updateToken(IToken $token) { + public function updateTokenActivity(IToken $token) { if (!($token instanceof DefaultToken)) { throw new InvalidTokenException(); } /** @var DefaultToken $token */ - $token->setLastActivity($this->time->getTime()); - - $this->mapper->update($token); + $now = $this->time->getTime(); + if ($token->getLastActivity() < ($now - 60)) { + // Update token only once per minute + $token->setLastActivity($now); + $this->mapper->update($token); + } } /** diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php index fece7dcb567..e79ba8b30e5 100644 --- a/lib/private/Authentication/Token/IProvider.php +++ b/lib/private/Authentication/Token/IProvider.php @@ -76,7 +76,7 @@ interface IProvider { * * @param IToken $token */ - public function updateToken(IToken $token); + public function updateTokenActivity(IToken $token); /** * Get all token of a user diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 0cebb3e0613..89148dcf8ec 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -237,8 +237,7 @@ class Session implements IUserSession, Emitter { $this->session->set('last_login_check', $now); } - // Session is valid, so the token can be refreshed - $this->updateToken($token); + $this->tokenProvider->updateTokenActivity($token); } /** @@ -541,7 +540,7 @@ class Session implements IUserSession, Emitter { $result = $this->loginWithToken($token->getUID()); if ($result) { // Login success - $this->updateToken($token); + $this->tokenProvider->updateTokenActivity($token); return true; } } @@ -551,19 +550,6 @@ class Session implements IUserSession, Emitter { return false; } - /** - * @param IToken $token - */ - private function updateToken(IToken $token) { - // To save unnecessary DB queries, this is only done once a minute - $lastTokenUpdate = $this->session->get('last_token_update') ? : 0; - $now = $this->timeFacory->getTime(); - if ($lastTokenUpdate < ($now - 60)) { - $this->tokenProvider->updateToken($token); - $this->session->set('last_token_update', $now); - } - } - /** * Tries to login the user with auth token header * -- cgit v1.2.3