Merge pull request #23214 from nextcloud/backport/22937/stable19
[stable19] Allow configuring the activity update interval of token
This commit is contained in:
commit
84a58957d5
|
@ -269,6 +269,18 @@ $CONFIG = [
|
|||
*/
|
||||
'token_auth_enforced' => false,
|
||||
|
||||
/**
|
||||
* The interval at which token activity should be updated.
|
||||
* Increasing this value means that the last activty on the security page gets
|
||||
* more outdated.
|
||||
*
|
||||
* Tokens are still checked every 5 minutes for validity
|
||||
* max value: 300
|
||||
*
|
||||
* Defaults to ``300``
|
||||
*/
|
||||
'token_auth_activity_update' => 60,
|
||||
|
||||
/**
|
||||
* Whether the bruteforce protection shipped with Nextcloud should be enabled or not.
|
||||
*
|
||||
|
|
|
@ -214,9 +214,13 @@ class PublicKeyTokenProvider implements IProvider {
|
|||
if (!($token instanceof PublicKeyToken)) {
|
||||
throw new InvalidTokenException();
|
||||
}
|
||||
|
||||
$activityInterval = $this->config->getSystemValueInt('token_auth_activity_update', 60);
|
||||
$activityInterval = min(max($activityInterval, 0), 300);
|
||||
|
||||
/** @var DefaultToken $token */
|
||||
$now = $this->time->getTime();
|
||||
if ($token->getLastActivity() < ($now - 60)) {
|
||||
if ($token->getLastActivity() < ($now - $activityInterval)) {
|
||||
// Update token only once per minute
|
||||
$token->setLastActivity($now);
|
||||
$this->mapper->update($token);
|
||||
|
|
|
@ -112,6 +112,12 @@ class PublicKeyTokenProviderTest extends TestCase {
|
|||
|
||||
public function testUpdateTokenDebounce() {
|
||||
$tk = new PublicKeyToken();
|
||||
|
||||
$this->config->method('getSystemValueInt')
|
||||
->willReturnCallback(function ($value, $default) {
|
||||
return $default;
|
||||
});
|
||||
|
||||
$tk->setLastActivity($this->time - 30);
|
||||
$this->mapper->expects($this->never())
|
||||
->method('update')
|
||||
|
|
Loading…
Reference in New Issue