Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
Y
yii2
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
PSDI Army
yii2
Commits
28246f49
Commit
28246f49
authored
Jul 16, 2014
by
Qiang Xue
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #4325 from nkovacs/4317-absolute-auth-timeout
absolute auth timeout
parents
c9dff530
19bbaf61
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
21 additions
and
4 deletions
+21
-4
CHANGELOG.md
framework/CHANGELOG.md
+1
-0
User.php
framework/web/User.php
+20
-4
No files found.
framework/CHANGELOG.md
View file @
28246f49
...
...
@@ -140,6 +140,7 @@ Yii Framework 2 Change Log
-
Enh #4114: Added
`Security::generateRandomBytes()`
, improved tests (samdark)
-
Enh #4209: Added
`beforeCopy`
,
`afterCopy`
,
`forceCopy`
properties to AssetManager (cebe)
-
Enh #4297: Added check for DOM extension to requirements (samdark)
-
Enh #4317: Added
`absoluteAuthTimeout`
to yii
\w
eb
\U
ser (ivokund, nkovacs)
-
Enh: Added support for using sub-queries when building a DB query with
`IN`
condition (qiangxue)
-
Enh: Supported adding a new response formatter without the need to reconfigure existing formatters (qiangxue)
-
Enh: Added
`yii\web\UrlManager::addRules()`
to simplify adding new URL rules (qiangxue)
...
...
framework/web/User.php
View file @
28246f49
...
...
@@ -99,9 +99,16 @@ class User extends Component
* @var integer the number of seconds in which the user will be logged out automatically if he
* remains inactive. If this property is not set, the user will be logged out after
* the current session expires (c.f. [[Session::timeout]]).
* Note that this will not work if [[enableAutoLogin]] is true.
*/
public
$authTimeout
;
/**
* @var integer the number of seconds in which the user will be logged out automatically
* regardless of activity.
* Note that this will not work if [[enableAutoLogin]] is true.
*/
public
$absoluteAuthTimeout
;
/**
* @var boolean whether to automatically renew the identity cookie each time a page is requested.
* This property is effective only when [[enableAutoLogin]] is true.
* When this is false, the identity cookie will expire after the specified duration since the user
...
...
@@ -120,6 +127,11 @@ class User extends Component
*/
public
$authTimeoutParam
=
'__expire'
;
/**
* @var string the session variable name used to store the value of absolute expiration timestamp of the authenticated state.
* This is used when [[absoluteAuthTimeout]] is set.
*/
public
$absoluteAuthTimeoutParam
=
'__absolute_expire'
;
/**
* @var string the session variable name used to store the value of [[returnUrl]].
*/
public
$returnUrlParam
=
'__returnUrl'
;
...
...
@@ -544,6 +556,9 @@ class User extends Component
if
(
$this
->
authTimeout
!==
null
)
{
$session
->
set
(
$this
->
authTimeoutParam
,
time
()
+
$this
->
authTimeout
);
}
if
(
$this
->
absoluteAuthTimeout
!==
null
)
{
$session
->
set
(
$this
->
absoluteAuthTimeoutParam
,
time
()
+
$this
->
absoluteAuthTimeout
);
}
if
(
$duration
>
0
&&
$this
->
enableAutoLogin
)
{
$this
->
sendIdentityCookie
(
$identity
,
$duration
);
}
...
...
@@ -577,11 +592,12 @@ class User extends Component
$this
->
setIdentity
(
$identity
);
if
(
$this
->
authTimeout
!==
null
&&
$identity
!==
null
)
{
$expire
=
$session
->
get
(
$this
->
authTimeoutParam
);
if
(
$expire
!==
null
&&
$expire
<
time
())
{
if
((
$this
->
authTimeout
!==
null
||
$this
->
absoluteAuthTimeout
!==
null
)
&&
$identity
!==
null
)
{
$expire
=
$this
->
authTimeout
!==
null
?
$session
->
get
(
$this
->
authTimeoutParam
)
:
null
;
$expireAbsolute
=
$this
->
absoluteAuthTimeout
!==
null
?
$session
->
get
(
$this
->
absoluteAuthTimeoutParam
)
:
null
;
if
(
$expire
!==
null
&&
$expire
<
time
()
||
$expireAbsolute
!==
null
&&
$expireAbsolute
<
time
())
{
$this
->
logout
(
false
);
}
else
{
}
else
if
(
$this
->
authTimeout
!==
null
)
{
$session
->
set
(
$this
->
authTimeoutParam
,
time
()
+
$this
->
authTimeout
);
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment