Fix horizon user session timeout

Made changes so that the date to expire (when the user will be logged
out) is based on the time the user logged in and not the time that the
user last interacted with Horizon.

Story: 2002862
Task: 22811

Change-Id: I8ef4597e19cab364002c6a22e60ea8fc32af2a59
Signed-off-by: Don Penney <don.penney@windriver.com>
Signed-off-by: Jack Ding <jack.ding@windriver.com>
This commit is contained in:
Kristine Bujold 2018-06-18 17:13:03 -04:00 committed by Jack Ding
parent 2b2aede21f
commit f1400b9b48
3 changed files with 87 additions and 1 deletions

View File

@ -3,3 +3,4 @@ spec-include-TiS-patches.patch
fix-build-failures-due-to-unwanted-sgid.patch
meta-size-number-format.patch
spec-patch-to-remove-SmartyPants.patch
spec-include-fix_for_session_timeout.patch

View File

@ -0,0 +1,32 @@
From 7938c48a4819e91810711759a2d56f51c0ddd43d Mon Sep 17 00:00:00 2001
From: Kristine Bujold <kristine.bujold@windriver.com>
Date: Wed, 6 Jun 2018 07:18:48 -0400
Subject: [PATCH 1/1] Adding patch file
---
SPECS/python-django.spec | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SPECS/python-django.spec b/SPECS/python-django.spec
index 827d08f..d642496 100644
--- a/SPECS/python-django.spec
+++ b/SPECS/python-django.spec
@@ -43,6 +43,7 @@ Patch0: python-django-1.8.3-shell-completion.patch
Patch1: session-filebase-backend-fix.patch
Patch2: size-number-format.patch
Patch3: remove-SmartyPantsHTMLTranslator.patch
+Patch4: fix_for_session_timeout.patch
BuildArch: noarch
BuildRequires: python2-devel
@@ -158,6 +159,7 @@ rm -rf Django.egg-info
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
# empty files
for f in \
--
1.8.3.1

View File

@ -0,0 +1,53 @@
From 96faa7c807d77a7d3499a9c78f5fd16cb53543bf Mon Sep 17 00:00:00 2001
From: Kristine Bujold <kristine.bujold@windriver.com>
Date: Wed, 6 Jun 2018 07:11:04 -0400
Subject: [PATCH 1/1] Fix horizon user session timeout
---
django/contrib/sessions/backends/file.py | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/django/contrib/sessions/backends/file.py b/django/contrib/sessions/backends/file.py
index 2b10b3e..28aad15 100644
--- a/django/contrib/sessions/backends/file.py
+++ b/django/contrib/sessions/backends/file.py
@@ -71,16 +71,22 @@ class SessionStore(SessionBase):
modification = datetime.datetime.fromtimestamp(modification)
return modification
+ # Fix horizon user session timeout
def _expiry_date(self, session_data):
"""
Return the expiry time of the file storing the session's content.
"""
+ expiry_date = None
expiry = session_data.get('_session_expiry')
- if not expiry:
- expiry = self._last_modification() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)
- elif not isinstance(expiry, datetime.datetime):
- expiry = self._last_modification() + datetime.timedelta(seconds=expiry)
- return expiry
+ login_date = session_data.get('_user_login')
+
+ if login_date:
+ if not expiry:
+ expiry_date = login_date + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)
+ elif not isinstance(expiry, datetime.datetime):
+ expiry_date = login_date + datetime.timedelta(seconds=expiry)
+
+ return expiry_date
def load(self):
session_data = {}
@@ -99,7 +105,7 @@ class SessionStore(SessionBase):
logger.warning(force_text(e))
self.create()
- # Remove expired sessions.
+ # Remove expired sessions based on user login time
expiry_age = self.get_expiry_age(expiry=self._expiry_date(session_data))
if expiry_age < 0:
session_data = {}
--
1.8.3.1