From f1400b9b4867553f8fa8aab09d832dec2fdcecde Mon Sep 17 00:00:00 2001
From: Kristine Bujold <kristine.bujold@windriver.com>
Date: Mon, 18 Jun 2018 17:13:03 -0400
Subject: [PATCH] Fix horizon user session timeout

Made changes so that the date to expire (when the user will be logged
out) is based on the time the user logged in and not the time that the
user last interacted with Horizon.

Story: 2002862
Task: 22811

Change-Id: I8ef4597e19cab364002c6a22e60ea8fc32af2a59
Signed-off-by: Don Penney <don.penney@windriver.com>
Signed-off-by: Jack Ding <jack.ding@windriver.com>
---
 .../centos/meta_patches/PATCH_ORDER           |  3 +-
 ...spec-include-fix_for_session_timeout.patch | 32 +++++++++++
 .../patches/fix_for_session_timeout.patch     | 53 +++++++++++++++++++
 3 files changed, 87 insertions(+), 1 deletion(-)
 create mode 100644 devtools/python/python-django/centos/meta_patches/spec-include-fix_for_session_timeout.patch
 create mode 100644 devtools/python/python-django/centos/patches/fix_for_session_timeout.patch

diff --git a/devtools/python/python-django/centos/meta_patches/PATCH_ORDER b/devtools/python/python-django/centos/meta_patches/PATCH_ORDER
index 8d18985c6..cb7145950 100644
--- a/devtools/python/python-django/centos/meta_patches/PATCH_ORDER
+++ b/devtools/python/python-django/centos/meta_patches/PATCH_ORDER
@@ -2,4 +2,5 @@ spec-include-TiS-patches.patch
 0001-Update-package-versioning-for-TIS-format.patch
 fix-build-failures-due-to-unwanted-sgid.patch
 meta-size-number-format.patch
-spec-patch-to-remove-SmartyPants.patch
\ No newline at end of file
+spec-patch-to-remove-SmartyPants.patch
+spec-include-fix_for_session_timeout.patch
diff --git a/devtools/python/python-django/centos/meta_patches/spec-include-fix_for_session_timeout.patch b/devtools/python/python-django/centos/meta_patches/spec-include-fix_for_session_timeout.patch
new file mode 100644
index 000000000..cd8f5179c
--- /dev/null
+++ b/devtools/python/python-django/centos/meta_patches/spec-include-fix_for_session_timeout.patch
@@ -0,0 +1,32 @@
+From 7938c48a4819e91810711759a2d56f51c0ddd43d Mon Sep 17 00:00:00 2001
+From: Kristine Bujold <kristine.bujold@windriver.com>
+Date: Wed, 6 Jun 2018 07:18:48 -0400
+Subject: [PATCH 1/1] Adding patch file
+
+---
+ SPECS/python-django.spec | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/SPECS/python-django.spec b/SPECS/python-django.spec
+index 827d08f..d642496 100644
+--- a/SPECS/python-django.spec
++++ b/SPECS/python-django.spec
+@@ -43,6 +43,7 @@ Patch0:         python-django-1.8.3-shell-completion.patch
+ Patch1:         session-filebase-backend-fix.patch
+ Patch2:         size-number-format.patch
+ Patch3:         remove-SmartyPantsHTMLTranslator.patch
++Patch4:         fix_for_session_timeout.patch
+ 
+ BuildArch:      noarch
+ BuildRequires:  python2-devel
+@@ -158,6 +159,7 @@ rm -rf Django.egg-info
+ %patch1 -p1
+ %patch2 -p1
+ %patch3 -p1
++%patch4 -p1
+ 
+ # empty files
+ for f in \
+-- 
+1.8.3.1
+
diff --git a/devtools/python/python-django/centos/patches/fix_for_session_timeout.patch b/devtools/python/python-django/centos/patches/fix_for_session_timeout.patch
new file mode 100644
index 000000000..8f978fcda
--- /dev/null
+++ b/devtools/python/python-django/centos/patches/fix_for_session_timeout.patch
@@ -0,0 +1,53 @@
+From 96faa7c807d77a7d3499a9c78f5fd16cb53543bf Mon Sep 17 00:00:00 2001
+From: Kristine Bujold <kristine.bujold@windriver.com>
+Date: Wed, 6 Jun 2018 07:11:04 -0400
+Subject: [PATCH 1/1] Fix horizon user session timeout
+
+---
+ django/contrib/sessions/backends/file.py | 18 ++++++++++++------
+ 1 file changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/django/contrib/sessions/backends/file.py b/django/contrib/sessions/backends/file.py
+index 2b10b3e..28aad15 100644
+--- a/django/contrib/sessions/backends/file.py
++++ b/django/contrib/sessions/backends/file.py
+@@ -71,16 +71,22 @@ class SessionStore(SessionBase):
+             modification = datetime.datetime.fromtimestamp(modification)
+         return modification
+ 
++    # Fix horizon user session timeout
+     def _expiry_date(self, session_data):  
+         """  
+         Return the expiry time of the file storing the session's content.
+         """
++        expiry_date = None
+         expiry = session_data.get('_session_expiry')
+-        if not expiry:
+-            expiry = self._last_modification() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)
+-        elif not isinstance(expiry, datetime.datetime):
+-            expiry = self._last_modification() + datetime.timedelta(seconds=expiry)
+-        return expiry
++        login_date = session_data.get('_user_login')
++
++        if login_date:
++            if not expiry:
++                expiry_date = login_date + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)
++            elif not isinstance(expiry, datetime.datetime):
++                expiry_date = login_date + datetime.timedelta(seconds=expiry)
++
++        return expiry_date
+ 
+     def load(self):
+         session_data = {}
+@@ -99,7 +105,7 @@ class SessionStore(SessionBase):
+                         logger.warning(force_text(e))
+                     self.create()
+ 
+-                # Remove expired sessions.
++                # Remove expired sessions based on user login time
+                 expiry_age = self.get_expiry_age(expiry=self._expiry_date(session_data))
+                 if expiry_age < 0:
+                     session_data = {}
+-- 
+1.8.3.1
+