PLT-7633 (E20) Add session idle timeout config setting (#7524)

* Add session idle timeout config setting

* Modify config setting name to SessionIdleTimeoutInMinutes

* Small re-org of if statement

* Merge with latest master

1 files changed, 12 insertions, 0 deletions

diff --git a/app/session.go b/app/session.go
index f0245acba..0e7701135 100644
--- a/app/session.go
+++ b/app/session.go
@@ -71,6 +71,18 @@ func (a *App) GetSession(token string) (*model.Session, *model.AppError) {
 		return nil, model.NewAppError("GetSession", "api.context.invalid_token.error", map[string]interface{}{"Token": token}, "", http.StatusUnauthorized)
 	}
 
+	if *utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes > 0 &&
+		utils.IsLicensed() && *utils.License().Features.Compliance &&
+		session != nil && !session.IsOAuth && !session.IsMobileApp() &&
+		session.Props[model.SESSION_PROP_TYPE] != model.SESSION_TYPE_USER_ACCESS_TOKEN {
+
+		timeout := int64(*utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes) * 1000 * 60
+		if model.GetMillis()-session.LastActivityAt > timeout {
+			a.RevokeSessionById(session.Id)
+			return nil, model.NewAppError("GetSession", "api.context.invalid_token.error", map[string]interface{}{"Token": token}, "idle timeout", http.StatusUnauthorized)
+		}
+	}
+
 	return session, nil
 }