PLT-7633 (E20) Add session idle timeout config setting (#7524)

* Add session idle timeout config setting * Modify config setting name to SessionIdleTimeoutInMinutes * Small re-org of if statement * Merge with latest master
author: Joram Wilander <jwawilander@gmail.com> 2017-09-28 09:04:52 -0400
committer: George Goldberg <george@gberg.me> 2017-09-28 14:04:52 +0100
commit: 15b361094a64fe024db6d3eaf9539143cee73ce4 (patch)
tree: 9ff071eec6aa408b81484fb9e73340ed7ef3dbe3 /app/session_test.go
parent: 8d662105d3049a5cd67a7bf42ab70d479d4348e2 (diff)
download: chat-15b361094a64fe024db6d3eaf9539143cee73ce4.tar.gz
chat-15b361094a64fe024db6d3eaf9539143cee73ce4.tar.bz2
chat-15b361094a64fe024db6d3eaf9539143cee73ce4.zip
1 files changed, 119 insertions, 0 deletions
diff --git a/app/session_test.go b/app/session_test.go
index e91132a8a..c001655db 100644
--- a/app/session_test.go
+++ b/app/session_test.go
@@ -7,6 +7,10 @@ import (
 	"testing"
 
 	"github.com/mattermost/mattermost-server/model"
+	"github.com/mattermost/mattermost-server/utils"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestCache(t *testing.T) {
@@ -32,3 +36,118 @@ func TestCache(t *testing.T) {
 		t.Fatal("should have one less")
 	}
 }
+
+func TestGetSessionIdleTimeoutInMinutes(t *testing.T) {
+	th := Setup().InitBasic()
+
+	session := &model.Session{
+		UserId: model.NewId(),
+	}
+
+	session, _ = th.App.CreateSession(session)
+
+	isLicensed := utils.IsLicensed()
+	license := utils.License()
+	timeout := *utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes
+	defer func() {
+		utils.SetIsLicensed(isLicensed)
+		utils.SetLicense(license)
+		*utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes = timeout
+	}()
+	utils.SetIsLicensed(true)
+	utils.SetLicense(&model.License{Features: &model.Features{}})
+	utils.License().Features.SetDefaults()
+	*utils.License().Features.Compliance = true
+	*utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes = 5
+
+	rsession, err := th.App.GetSession(session.Token)
+	require.Nil(t, err)
+	assert.Equal(t, rsession.Id, session.Id)
+
+	rsession, err = th.App.GetSession(session.Token)
+
+	// Test regular session, should timeout
+	time := session.LastActivityAt - (1000 * 60 * 6)
+	<-th.App.Srv.Store.Session().UpdateLastActivityAt(session.Id, time)
+	th.App.ClearSessionCacheForUserSkipClusterSend(session.UserId)
+
+	rsession, err = th.App.GetSession(session.Token)
+	require.NotNil(t, err)
+	assert.Equal(t, "api.context.invalid_token.error", err.Id)
+	assert.Equal(t, "idle timeout", err.DetailedError)
+	assert.Nil(t, rsession)
+
+	// Test mobile session, should not timeout
+	session = &model.Session{
+		UserId:   model.NewId(),
+		DeviceId: "android:" + model.NewId(),
+	}
+
+	session, _ = th.App.CreateSession(session)
+	time = session.LastActivityAt - (1000 * 60 * 6)
+	<-th.App.Srv.Store.Session().UpdateLastActivityAt(session.Id, time)
+	th.App.ClearSessionCacheForUserSkipClusterSend(session.UserId)
+
+	_, err = th.App.GetSession(session.Token)
+	assert.Nil(t, err)
+
+	// Test oauth session, should not timeout
+	session = &model.Session{
+		UserId:  model.NewId(),
+		IsOAuth: true,
+	}
+
+	session, _ = th.App.CreateSession(session)
+	time = session.LastActivityAt - (1000 * 60 * 6)
+	<-th.App.Srv.Store.Session().UpdateLastActivityAt(session.Id, time)
+	th.App.ClearSessionCacheForUserSkipClusterSend(session.UserId)
+
+	_, err = th.App.GetSession(session.Token)
+	assert.Nil(t, err)
+
+	// Test personal access token session, should not timeout
+	session = &model.Session{
+		UserId: model.NewId(),
+	}
+	session.AddProp(model.SESSION_PROP_TYPE, model.SESSION_TYPE_USER_ACCESS_TOKEN)
+
+	session, _ = th.App.CreateSession(session)
+	time = session.LastActivityAt - (1000 * 60 * 6)
+	<-th.App.Srv.Store.Session().UpdateLastActivityAt(session.Id, time)
+	th.App.ClearSessionCacheForUserSkipClusterSend(session.UserId)
+
+	_, err = th.App.GetSession(session.Token)
+	assert.Nil(t, err)
+
+	// Test regular session with license off, should not timeout
+	*utils.License().Features.Compliance = false
+
+	session = &model.Session{
+		UserId: model.NewId(),
+	}
+
+	session, _ = th.App.CreateSession(session)
+	time = session.LastActivityAt - (1000 * 60 * 6)
+	<-th.App.Srv.Store.Session().UpdateLastActivityAt(session.Id, time)
+	th.App.ClearSessionCacheForUserSkipClusterSend(session.UserId)
+
+	_, err = th.App.GetSession(session.Token)
+	assert.Nil(t, err)
+
+	*utils.License().Features.Compliance = true
+
+	// Test regular session with timeout set to 0, should not timeout
+	*utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes = 0
+
+	session = &model.Session{
+		UserId: model.NewId(),
+	}
+
+	session, _ = th.App.CreateSession(session)
+	time = session.LastActivityAt - (1000 * 60 * 6)
+	<-th.App.Srv.Store.Session().UpdateLastActivityAt(session.Id, time)
+	th.App.ClearSessionCacheForUserSkipClusterSend(session.UserId)
+
+	_, err = th.App.GetSession(session.Token)
+	assert.Nil(t, err)
+}
author	Joram Wilander <jwawilander@gmail.com>	2017-09-28 09:04:52 -0400
committer	George Goldberg <george@gberg.me>	2017-09-28 14:04:52 +0100
commit	15b361094a64fe024db6d3eaf9539143cee73ce4 (patch)
tree	9ff071eec6aa408b81484fb9e73340ed7ef3dbe3 /app/session_test.go
parent	8d662105d3049a5cd67a7bf42ab70d479d4348e2 (diff)
download	chat-15b361094a64fe024db6d3eaf9539143cee73ce4.tar.gz chat-15b361094a64fe024db6d3eaf9539143cee73ce4.tar.bz2 chat-15b361094a64fe024db6d3eaf9539143cee73ce4.zip