diff options
Diffstat (limited to 'app/session.go')
-rw-r--r-- | app/session.go | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/app/session.go b/app/session.go index f0245acba..0e7701135 100644 --- a/app/session.go +++ b/app/session.go @@ -71,6 +71,18 @@ func (a *App) GetSession(token string) (*model.Session, *model.AppError) { return nil, model.NewAppError("GetSession", "api.context.invalid_token.error", map[string]interface{}{"Token": token}, "", http.StatusUnauthorized) } + if *utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes > 0 && + utils.IsLicensed() && *utils.License().Features.Compliance && + session != nil && !session.IsOAuth && !session.IsMobileApp() && + session.Props[model.SESSION_PROP_TYPE] != model.SESSION_TYPE_USER_ACCESS_TOKEN { + + timeout := int64(*utils.Cfg.ServiceSettings.SessionIdleTimeoutInMinutes) * 1000 * 60 + if model.GetMillis()-session.LastActivityAt > timeout { + a.RevokeSessionById(session.Id) + return nil, model.NewAppError("GetSession", "api.context.invalid_token.error", map[string]interface{}{"Token": token}, "idle timeout", http.StatusUnauthorized) + } + } + return session, nil } |