Fix horizon user session timeout

Made changes so that the date to expire (when the user will be logged
out) is based on the time the user logged in and not the time that the
user last interacted with Horizon.

Story: 2002862
Task: 22811

Change-Id: I8ef4597e19cab364002c6a22e60ea8fc32af2a59
Signed-off-by: Don Penney <don.penney@windriver.com>
Signed-off-by: Jack Ding <jack.ding@windriver.com>

devtools/python/python-django/centos/meta_patches/PATCH_ORDER

@@ -3,3 +3,4 @@ spec-include-TiS-patches.patch
 fix-build-failures-due-to-unwanted-sgid.patch
 meta-size-number-format.patch
 spec-patch-to-remove-SmartyPants.patch
+spec-include-fix_for_session_timeout.patch

devtools/python/python-django/centos/meta_patches/spec-include-fix_for_session_timeout.patch

@@ -0,0 +1,32 @@
+From 7938c48a4819e91810711759a2d56f51c0ddd43d Mon Sep 17 00:00:00 2001
+From: Kristine Bujold <kristine.bujold@windriver.com>
+Date: Wed, 6 Jun 2018 07:18:48 -0400
+Subject: [PATCH 1/1] Adding patch file
+
+---
+ SPECS/python-django.spec | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/SPECS/python-django.spec b/SPECS/python-django.spec
+index 827d08f..d642496 100644
+--- a/SPECS/python-django.spec
++++ b/SPECS/python-django.spec
+@@ -43,6 +43,7 @@ Patch0:         python-django-1.8.3-shell-completion.patch
+ Patch1:         session-filebase-backend-fix.patch
+ Patch2:         size-number-format.patch
+ Patch3:         remove-SmartyPantsHTMLTranslator.patch
++Patch4:         fix_for_session_timeout.patch
+ 
+ BuildArch:      noarch
+ BuildRequires:  python2-devel
+@@ -158,6 +159,7 @@ rm -rf Django.egg-info
+ %patch1 -p1
+ %patch2 -p1
+ %patch3 -p1
++%patch4 -p1
+ 
+ # empty files
+ for f in \
+-- 
+1.8.3.1
+

devtools/python/python-django/centos/patches/fix_for_session_timeout.patch

@@ -0,0 +1,53 @@
+From 96faa7c807d77a7d3499a9c78f5fd16cb53543bf Mon Sep 17 00:00:00 2001
+From: Kristine Bujold <kristine.bujold@windriver.com>
+Date: Wed, 6 Jun 2018 07:11:04 -0400
+Subject: [PATCH 1/1] Fix horizon user session timeout
+
+---
+ django/contrib/sessions/backends/file.py | 18 ++++++++++++------
+ 1 file changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/django/contrib/sessions/backends/file.py b/django/contrib/sessions/backends/file.py
+index 2b10b3e..28aad15 100644
+--- a/django/contrib/sessions/backends/file.py
++++ b/django/contrib/sessions/backends/file.py
+@@ -71,16 +71,22 @@ class SessionStore(SessionBase):
+             modification = datetime.datetime.fromtimestamp(modification)
+         return modification
+ 
++    # Fix horizon user session timeout
+     def _expiry_date(self, session_data):  
+         """  
+         Return the expiry time of the file storing the session's content.
+         """
++        expiry_date = None
+         expiry = session_data.get('_session_expiry')
+-        if not expiry:
+-            expiry = self._last_modification() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)
+-        elif not isinstance(expiry, datetime.datetime):
+-            expiry = self._last_modification() + datetime.timedelta(seconds=expiry)
+-        return expiry
++        login_date = session_data.get('_user_login')
++
++        if login_date:
++            if not expiry:
++                expiry_date = login_date + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)
++            elif not isinstance(expiry, datetime.datetime):
++                expiry_date = login_date + datetime.timedelta(seconds=expiry)
++
++        return expiry_date
+ 
+     def load(self):
+         session_data = {}
+@@ -99,7 +105,7 @@ class SessionStore(SessionBase):
+                         logger.warning(force_text(e))
+                     self.create()
+ 
+-                # Remove expired sessions.
++                # Remove expired sessions based on user login time
+                 expiry_age = self.get_expiry_age(expiry=self._expiry_date(session_data))
+                 if expiry_age < 0:
+                     session_data = {}
+-- 
+1.8.3.1
+