feat: refresh session after logout

2024-11-25 14:18:42 +00:00 · 2023-01-30 11:53:02 +08:00 · 2023-01-30 11:53:02 +08:00 · 78d8418c27
commit 78d8418c27
parent 886fb1a2fa
3 changed files with 32 additions and 31 deletions
--- a/web/.htaccess
+++ b/web/.htaccess
@ -2,10 +2,10 @@ Options -Indexes
 php_value session.save_path /var/lib/php/uoj_sessions
 php_value session.gc_maxlifetime 172800
-php_value session.cookie_lifetime 31536000
+php_value session.cookie_lifetime 604800
-php_value post_max_size 1000M
+php_value post_max_size 1024M
-php_value upload_max_filesize 1000M
+php_value upload_max_filesize 1024M
 php_value session.gc_probability 1
 php_value session.gc_divisor 1000
--- a/web/app/controllers/login.php
+++ b/web/app/controllers/login.php
@ -42,7 +42,7 @@ function handleLoginPost() {
 		return 'account:' . $account_status;
 	}
-	Auth::login($user['username']);
+	Auth::login($user['username'], false);
 	return "ok";
 }
--- a/web/app/models/Auth.php
+++ b/web/app/models/Auth.php
@ -33,6 +33,7 @@ class Auth {
 				"select remember_token from user_info",
 				"where", ["username" => $username]
 			]);
 			if ($remember_token == '') {
 				$remember_token = uojRandString(60);
 				DB::update([
@ -54,10 +55,10 @@ class Auth {
 			"where", ["username" => $username]
 		]);
 	}
 	public static function logout() {
-		unset($_SESSION['username']);
+		session_unset();
-		unset($_SESSION['last_login']);
+		Cookie::safeUnset(session_name(), '/');
 		unset($_SESSION['last_visited']);
 		Cookie::safeUnset('uoj_username', '/');
 		Cookie::safeUnset('uoj_remember_token', '/');
 		DB::update([