From 78d8418c2789eb0a33daf3b1cdf87afe6949dff5 Mon Sep 17 00:00:00 2001 From: Baoshuo Date: Mon, 30 Jan 2023 11:53:02 +0800 Subject: [PATCH] feat: refresh session after logout --- web/.htaccess | 6 ++-- web/app/controllers/login.php | 2 +- web/app/models/Auth.php | 55 ++++++++++++++++++----------------- 3 files changed, 32 insertions(+), 31 deletions(-) diff --git a/web/.htaccess b/web/.htaccess index bab8ebe..dd28dbc 100644 --- a/web/.htaccess +++ b/web/.htaccess @@ -2,10 +2,10 @@ Options -Indexes php_value session.save_path /var/lib/php/uoj_sessions php_value session.gc_maxlifetime 172800 -php_value session.cookie_lifetime 31536000 +php_value session.cookie_lifetime 604800 -php_value post_max_size 1000M -php_value upload_max_filesize 1000M +php_value post_max_size 1024M +php_value upload_max_filesize 1024M php_value session.gc_probability 1 php_value session.gc_divisor 1000 diff --git a/web/app/controllers/login.php b/web/app/controllers/login.php index 5620cdb..6d3dae5 100644 --- a/web/app/controllers/login.php +++ b/web/app/controllers/login.php @@ -42,7 +42,7 @@ function handleLoginPost() { return 'account:' . $account_status; } - Auth::login($user['username']); + Auth::login($user['username'], false); return "ok"; } diff --git a/web/app/models/Auth.php b/web/app/models/Auth.php index 12f84be..20061c8 100644 --- a/web/app/models/Auth.php +++ b/web/app/models/Auth.php @@ -16,13 +16,13 @@ class Auth { global $myUser; return $myUser; } - public static function property($name) { - global $myUser; - if (!$myUser) { - return false; - } - return $myUser[$name]; - } + public static function property($name) { + global $myUser; + if (!$myUser) { + return false; + } + return $myUser[$name]; + } public static function login($username, $remember = true) { if (!validateUsername($username)) { return; 
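Review bot: The new `session.cookie_lifetime 604800` sits next to `session.gc_maxlifetime 172800`, so the cookie outlives the server-side idle limit, and nothing here states the resulting policy of roughly 7 days from cookie issue and 2 days idle. With `session.gc_probability 1` and `session.gc_divisor 1000`, collection runs on about one request in a thousand, so an idle session file can survive well past 172800 seconds and the idle limit is not strictly enforced. I would add a comment above these lines, e.g. `# session cookie: 7 days from issue; server-side idle limit: 2 days, applied only when GC runs`. Only part of the file is visible; if `session.use_strict_mode` and the `session.cookie_httponly` / `session.cookie_secure` flags are not set elsewhere, this block is the natural place for them.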
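Review bot: With `remember` now passed as `false`, the PHP session is the only credential this call establishes, and nothing visible rotates the session ID when it becomes authenticated. The part of `Auth::login()` shown later in this patch assigns `$_SESSION['username']` into the existing session; the lines just before that assignment fall between hunks, so this may already be handled. If it is not, add `session_regenerate_id(true);` before `$_SESSION['username'] = $username;` so a pre-login session ID cannot carry over into the logged-in state. `handleLoginPost()` starts above this hunk; a short comment such as `// password login: do not issue a remember-me token` would also explain the bare `false`.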
@@ -30,16 +30,17 @@ class Auth { $_SESSION['username'] = $username; if ($remember) { $remember_token = DB::selectSingle([ - "select remember_token from user_info", - "where", ["username" => $username] - ]); + "select remember_token from user_info", + "where", ["username" => $username] + ]); + if ($remember_token == '') { $remember_token = uojRandString(60); DB::update([ - "update user_info", - "set", ["remember_token" => $remember_token], - "where", ["username" => $username] - ]); + "update user_info", + "set", ["remember_token" => $remember_token], + "where", ["username" => $username] + ]); } $_SESSION['last_login'] = time(); @@ -54,26 +55,26 @@ class Auth { "where", ["username" => $username] ]); } + public static function logout() { - unset($_SESSION['username']); - unset($_SESSION['last_login']); - unset($_SESSION['last_visited']); + session_unset(); + Cookie::safeUnset(session_name(), '/'); Cookie::safeUnset('uoj_username', '/'); Cookie::safeUnset('uoj_remember_token', '/'); DB::update([ - "update user_info", - "set", ["remember_token" => ''], - "where", ["username" => Auth::id()] - ]); + "update user_info", + "set", ["remember_token" => ''], + "where", ["username" => Auth::id()] + ]); } private static function initMyUser() { global $myUser; $myUser = null; - + Cookie::safeCheck('uoj_username', '/'); Cookie::safeCheck('uoj_remember_token', '/'); - + if (isset($_SESSION['username'])) { if (!validateUsername($_SESSION['username'])) { return; @@ -97,7 +98,7 @@ class Auth { } public static function init() { global $myUser; - + Auth::initMyUser(); if ($myUser && UOJUser::getAccountStatus($myUser) != 'ok') { $myUser = null; 
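Review bot: In `logout()`, `session_unset()` only empties `$_SESSION`; the session ID itself stays valid on the server, and `Cookie::safeUnset(session_name(), '/')` merely asks the browser to forget it. A retained copy of the old ID therefore still maps to a live, now empty, session until garbage collection removes it, and if `session.use_strict_mode` is off the same ID can be presented again later. I would invalidate it server-side by replacing the cookie-unset line with `session_regenerate_id(true);` directly after `session_unset();`, which deletes the old session data and issues a fresh ID. Separately, `Auth::id()` is read for the `remember_token` reset after the session has been cleared; its body is outside this hunk, so it is worth confirming that it does not depend on `$_SESSION`.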
@@ -108,9 +109,9 @@ class Auth { } $myUser = UOJUser::updateVisitHistory($myUser, [ 'remote_addr' => UOJContext::remoteAddr(), - 'http_x_forwarded_for' => UOJContext::httpXForwardedFor(), - 'http_user_agent' => UOJContext::httpUserAgent() - ]); + 'http_x_forwarded_for' => UOJContext::httpXForwardedFor(), + 'http_user_agent' => UOJContext::httpUserAgent() + ]); $_SESSION['last_visited'] = time(); } }