summaryrefslogtreecommitdiffstats
path: root/app/session.go
diff options
context:
space:
mode:
Diffstat (limited to 'app/session.go')
-rw-r--r--app/session.go12
1 files changed, 12 insertions, 0 deletions
diff --git a/app/session.go b/app/session.go
index f0245acba..0e7701135 100644
--- a/app/session.go
+++ b/app/session.go
@@ -71,6 +71,18 @@ func (a *App) GetSession(token string) (*model.Session, *model.AppError) {
return nil, model.NewAppError("GetSession", "api.context.invalid_token.error", map[string]interface{}{"Token": token}, "", http.StatusUnauthorized)
}
+ if *utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes > 0 &&
+ utils.IsLicensed() && *utils.License().Features.Compliance &&
+ session != nil && !session.IsOAuth && !session.IsMobileApp() &&
+ session.Props[model.SESSION_PROP_TYPE] != model.SESSION_TYPE_USER_ACCESS_TOKEN {
+
+ timeout := int64(*utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes) * 1000 * 60
+ if model.GetMillis()-session.LastActivityAt > timeout {
+ a.RevokeSessionById(session.Id)
+ return nil, model.NewAppError("GetSession", "api.context.invalid_token.error", map[string]interface{}{"Token": token}, "idle timeout", http.StatusUnauthorized)
+ }
+ }
+
return session, nil
}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-02 05:30:10 +0000