From e87e065100cfa985ad830ef4c78f2dda292e74e0 Mon Sep 17 00:00:00 2001
From: zadam
Date: Fri, 13 May 2022 23:20:56 +0200
Subject: [PATCH] protected session expiration timer moved to backend, closes #2847
---
 .../app/services/protected_session_holder.js | 16 ++----------
 src/public/app/services/utils.js | 2 +-
 src/routes/api/login.js | 7 +++++-
 src/routes/routes.js | 1 +
 src/services/protected_session.js | 25 ++++++++++++++++++-
 5 files changed, 34 insertions(+), 17 deletions(-)
diff --git a/src/public/app/services/protected_session_holder.js b/src/public/app/services/protected_session_holder.js
index 86ff20b2b..8fdae303c 100644
--- a/src/public/app/services/protected_session_holder.js
+++ b/src/public/app/services/protected_session_holder.js
@@ -1,17 +1,5 @@
-import options from './options.js';
 import server from "./server.js";
-let lastProtectedSessionOperationDate = 0;
-
-setInterval(() => {
- const protectedSessionTimeout = options.getInt('protectedSessionTimeout');
- if (lastProtectedSessionOperationDate
- && Date.now() - lastProtectedSessionOperationDate > protectedSessionTimeout * 1000) {
-
- resetProtectedSession();
- }
-}, 10000);
-
 function enableProtectedSession() {
 glob.isProtectedSessionAvailable = true;
@@ -26,9 +14,9 @@ function isProtectedSessionAvailable() {
 return glob.isProtectedSessionAvailable;
 }
-function touchProtectedSession() {
+async function touchProtectedSession() {
 if (isProtectedSessionAvailable()) {
- lastProtectedSessionOperationDate = Date.now();
+ await server.post("login/protected/touch");
 }
 }
diff --git a/src/public/app/services/utils.js b/src/public/app/services/utils.js
index 27db3e5a4..9facea6f8 100644
--- a/src/public/app/services/utils.js
+++ b/src/public/app/services/utils.js
@@ -363,7 +363,7 @@ function sleep(time_ms) {
 return new Promise((resolve) => {
 setTimeout(resolve, time_ms);
 });
-};
+}
 export default {
 reloadFrontendApp,
diff --git a/src/routes/api/login.js b/src/routes/api/login.js
index fa8685d8a..89d3ec4d7 100644
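Review bot: `touchProtectedSession()` in src/public/app/services/protected_session_holder.js now returns a promise and sends one POST per call, but nothing in the hunk handles a failed request or limits how often it fires. Its callers are outside the hunk; any that still call it without `await` would surface a failed request as an unhandled rejection, assuming `server.post` rejects on error. Because the backend check only runs every 30 seconds, the call can be best-effort and throttled, for example `await server.post("login/protected/touch").catch(e => console.warn("protected session touch failed", e));` behind a last-sent timestamp. A touch that fails then only lets the backend expire the session early, which is the safe direction.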
--- a/src/routes/api/login.js
+++ b/src/routes/api/login.js
@@ -83,6 +83,10 @@ function logoutFromProtectedSession() {
 ws.sendMessageToAllClients({ type: 'protectedSessionLogout' });
 }
+function touchProtectedSession() {
+ protectedSessionService.touchProtectedSession();
+}
+
 function token(req) {
 const password = req.body.password;
@@ -92,7 +96,7 @@ function token(req) {
 // for backwards compatibility with Sender which does not send the name
 const tokenName = req.body.tokenName || "Trilium Sender / Web Clipper";
-
+
 const {authToken} = etapiTokenService.createToken(tokenName);
 return { token: authToken };
@@ -102,5 +106,6 @@ module.exports = {
 loginSync,
 loginToProtectedSession,
 logoutFromProtectedSession,
+ touchProtectedSession,
 token
 };
diff --git a/src/routes/routes.js b/src/routes/routes.js
index eb4308318..b51f1a521 100644
--- a/src/routes/routes.js
+++ b/src/routes/routes.js
@@ -359,6 +359,7 @@ function register(app) {
 route(POST, '/api/login/sync', [], loginApiRoute.loginSync, apiResultHandler);
 // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
 apiRoute(POST, '/api/login/protected', loginApiRoute.loginToProtectedSession);
+ apiRoute(POST, '/api/login/protected/touch', loginApiRoute.touchProtectedSession);
 apiRoute(POST, '/api/logout/protected', loginApiRoute.logoutFromProtectedSession);
 route(POST, '/api/login/token', [], loginApiRoute.token, apiResultHandler);
diff --git a/src/services/protected_session.js b/src/services/protected_session.js
index 7dfddc2df..ad125deca 100644
--- a/src/services/protected_session.js
+++ b/src/services/protected_session.js
@@ -2,6 +2,7 @@
 const log = require('./log');
 const dataEncryptionService = require('./data_encryption');
+const options = require("./options");
 let dataKey = null;
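Review bot: The new `touchProtectedSession()` handler in src/routes/api/login.js returns nothing, so the client gets the same successful response whether or not the idle timestamp was refreshed. The service function it calls is a no-op when no protected session is available (the `isProtectedSessionAvailable()` guard in src/services/protected_session.js), so a frontend that missed the websocket reload would keep treating its protected session as live. Consider having the service function return a boolean and passing it through, e.g. `return { success: protectedSessionService.touchProtectedSession() };`, so the client can reset its own state on `false`. The route added in src/routes/routes.js would also benefit from a comment like the one above `/api/login/protected`, for example `// extends the protected session idle timer; must stay behind apiRoute's checks`, since this POST prolongs how long the data key stays in memory.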
@@ -54,6 +55,27 @@ function decryptString(cipherText) {
 return dataEncryptionService.decryptString(getDataKey(), cipherText);
 }
+let lastProtectedSessionOperationDate = null;
+
+function touchProtectedSession() {
+ if (isProtectedSessionAvailable()) {
+ lastProtectedSessionOperationDate = Date.now();
+ }
+}
+
+setInterval(() => {
+ const protectedSessionTimeout = options.getOptionInt('protectedSessionTimeout');
+ if (isProtectedSessionAvailable()
+ && lastProtectedSessionOperationDate
+ && Date.now() - lastProtectedSessionOperationDate > protectedSessionTimeout * 1000) {
+
+ resetDataKey();
+
+ require('./ws').reloadFrontend();
+ }
+}, 30000);
+
+
 module.exports = {
 setDataKey,
 resetDataKey,
@@ -61,5 +83,6 @@ module.exports = {
 encrypt,
 decrypt,
 decryptString,
- decryptNotes
+ decryptNotes,
+ touchProtectedSession
 };
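Review bot: The expiry check in the new `setInterval` callback fails open while `lastProtectedSessionOperationDate` is still `null`: the `&& lastProtectedSessionOperationDate` guard skips the timeout comparison, so a session that was entered but never touched keeps the data key in memory indefinitely. Nothing in this hunk sets the timestamp when the key is installed or clears it when the key is dropped; `setDataKey` and `resetDataKey` are outside the hunk, and if they do not do it, a stale value left from an earlier session can also expire a fresh session on the next 30-second tick. Setting `lastProtectedSessionOperationDate = Date.now();` in `setDataKey` and `lastProtectedSessionOperationDate = null;` in `resetDataKey` would close both cases. It is also worth rejecting a non-numeric result from `options.getOptionInt('protectedSessionTimeout')`, because a `NaN` timeout makes the comparison false and the session would never expire.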