baoshuo/S2OJ
baoshuo/S2OJ
1
1
Fork 0
mirror of https://github.com/renbaoshuo/S2OJ.git synced 2024-11-22 18:48:41 +00:00
Code Issues Actions Packages Releases Activity

feat: re-login every week

Browse Source
This commit is contained in:
Baoshuo Ren 2022-10-04 14:58:46 +08:00
parent cbe9f77cca
commit c30374732e
Signed by: baoshuo
GPG Key ID: 00CB9680AB29F51A
2 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
db/app_uoj233.sql
View File

@ -813,6 +813,7 @@ CREATE TABLE `user_info` (
`http_x_forwarded_for` varchar(50) NOT NULL, `http_x_forwarded_for` varchar(50) NOT NULL,
`remember_token` char(60) NOT NULL, `remember_token` char(60) NOT NULL,
`motto` varchar(200) NOT NULL, `motto` varchar(200) NOT NULL,
`last_login` datetime NOT NULL,
PRIMARY KEY (`username`), PRIMARY KEY (`username`),
KEY `ac_num` (`ac_num`,`username`) KEY `ac_num` (`ac_num`,`username`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4; ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4;

17
web/app/models/Auth.php
View File

@ -22,16 +22,18 @@ class Auth {
$remember_token = DB::selectFirst("select remember_token from user_info where username = '$username'")['remember_token']; $remember_token = DB::selectFirst("select remember_token from user_info where username = '$username'")['remember_token'];
if ($remember_token == '') { if ($remember_token == '') {
$remember_token = uojRandString(60); $remember_token = uojRandString(60);
DB::update("update user_info set remember_token = '$remember_token' where username = '$username'"); DB::update("update user_info set remember_token = '$remember_token', last_login = now() where username = '$username'");
} }
$expire = time() + 60 * 60 * 24 * 365 * 10; $_SESSION['last_login'] = time();
$expire = time() + 60 * 60 * 24 * 7;
Cookie::safeSet('uoj_username', $username, $expire, '/', array('httponly' => true)); Cookie::safeSet('uoj_username', $username, $expire, '/', array('httponly' => true));
Cookie::safeSet('uoj_remember_token', $remember_token, $expire, '/', array('httponly' => true)); Cookie::safeSet('uoj_remember_token', $remember_token, $expire, '/', array('httponly' => true));
} }
} }
public static function logout() { public static function logout() {
unset($_SESSION['username']); unset($_SESSION['username']);
unset($_SESSION['last_login']);
unset($_SESSION['last_visited']); unset($_SESSION['last_visited']);
Cookie::safeUnset('uoj_username', '/'); Cookie::safeUnset('uoj_username', '/');
Cookie::safeUnset('uoj_remember_token', '/'); Cookie::safeUnset('uoj_remember_token', '/');
@ -70,14 +72,21 @@ class Auth {
global $myUser; global $myUser;
Auth::initMyUser(); Auth::initMyUser();
if ($myUser) { if ($myUser) {
if ($myUser['usergroup'] == 'B') { if ($myUser['usergroup'] == 'B') {
$myUser = null; $myUser = null;
} }
} }
if ($myUser) { if ($myUser) {
DB::update("update user_info set remote_addr = '".DB::escape($_SERVER['REMOTE_ADDR'])."', http_x_forwarded_for = '".DB::escape($_SERVER['HTTP_X_FORWARDED_FOR'])."' where username = '".DB::escape($myUser['username'])."'"); if (!isset($_SESSION['last_login']) || (time() - $_SESSION['last_login']) > 60 * 60 * 24 * 7) { // 1 week
$_SESSION['last_visited'] = time(); Auth::logout();
$myUser = null;
}
$_SESSION["last_visited"] = time();
DB::update("update user_info set remote_addr = '".DB::escape($_SERVER['REMOTE_ADDR'])."', http_x_forwarded_for = '".DB::escape($_SERVER['HTTP_X_FORWARDED_FOR'])."', last_visited = now() where username = '".DB::escape($myUser['username'])."'");
} }
} }
} }