Add index on 'last_activity'
add token type column and delete only temporary tokens in the background job debounce token updates; fix wrong class import
This commit is contained in:
Christoph Wurst
Thomas Müller
parent
53636c73d6
commit
8d48502187
|
|
@ -24,6 +24,7 @@ namespace OC\Core\Controller;
|
|||
|
||||
use OC\AppFramework\Http;
|
||||
use OC\Authentication\Token\DefaultTokenProvider;
|
||||
use OC\Authentication\Token\IToken;
|
||||
use OC\User\Manager;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
|
|
@ -49,7 +50,7 @@ class TokenController extends Controller {
|
|||
* @param ISecureRandom $crypto
|
||||
*/
|
||||
public function __construct($appName, IRequest $request, Manager $userManager, DefaultTokenProvider $tokenProvider,
|
||||
ISecureRandom $crypto) {
|
||||
ISecureRandom $crypto) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->userManager = $userManager;
|
||||
$this->tokenProvider = $tokenProvider;
|
||||
|
|
@ -73,7 +74,7 @@ class TokenController extends Controller {
|
|||
return new Response([], Http::STATUS_UNAUTHORIZED);
|
||||
}
|
||||
$token = $this->secureRandom->generate(128);
|
||||
$this->tokenProvider->generateToken($token, $user, $password, $name);
|
||||
$this->tokenProvider->generateToken($token, $user, $password, $name, IToken::PERMANENT_TOKEN);
|
||||
return [
|
||||
'token' => $token,
|
||||
];
|
||||
|
|
|
|||
|
|
@ -1079,6 +1079,15 @@
|
|||
<length>100</length>
|
||||
</field>
|
||||
|
||||
<field>
|
||||
<name>type</name>
|
||||
<type>integer</type>
|
||||
<default>0</default>
|
||||
<notnull>true</notnull>
|
||||
<unsigned>true</unsigned>
|
||||
<length>2</length>
|
||||
</field>
|
||||
|
||||
<field>
|
||||
<name>last_activity</name>
|
||||
<type>integer</type>
|
||||
|
|
@ -1097,6 +1106,14 @@
|
|||
</field>
|
||||
</index>
|
||||
|
||||
<index>
|
||||
<name>authtoken_last_activity_index</name>
|
||||
<field>
|
||||
<name>last_activity</name>
|
||||
<sorting>ascending</sorting>
|
||||
</field>
|
||||
</index>
|
||||
|
||||
</declaration>
|
||||
</table>
|
||||
|
||||
|
|
|
|||
|
|
@ -46,6 +46,11 @@ class DefaultToken extends Entity implements IToken {
|
|||
*/
|
||||
protected $token;
|
||||
|
||||
/**
|
||||
* @var int
|
||||
*/
|
||||
protected $type;
|
||||
|
||||
/**
|
||||
* @var int
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -50,9 +50,11 @@ class DefaultTokenMapper extends Mapper {
|
|||
*/
|
||||
public function invalidateOld($olderThan) {
|
||||
$sql = 'DELETE FROM `' . $this->getTableName() . '` '
|
||||
. 'WHERE `last_activity` < ?';
|
||||
. 'WHERE `last_activity` < ? '
|
||||
. 'AND `type` = ?';
|
||||
$this->execute($sql, [
|
||||
$olderThan
|
||||
$olderThan,
|
||||
IToken::TEMPORARY_TOKEN,
|
||||
]);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -61,14 +61,16 @@ class DefaultTokenProvider implements IProvider {
|
|||
* @param string $token
|
||||
* @param string $uid
|
||||
* @param string $password
|
||||
* @apram int $type token type
|
||||
* @return DefaultToken
|
||||
*/
|
||||
public function generateToken($token, $uid, $password, $name) {
|
||||
public function generateToken($token, $uid, $password, $name, $type = IToken::TEMPORARY_TOKEN) {
|
||||
$dbToken = new DefaultToken();
|
||||
$dbToken->setUid($uid);
|
||||
$dbToken->setPassword($this->encryptPassword($password, $token));
|
||||
$dbToken->setName($name);
|
||||
$dbToken->setToken($this->hashToken($token));
|
||||
$dbToken->setType($type);
|
||||
$dbToken->setLastActivity(time());
|
||||
|
||||
$this->mapper->insert($dbToken);
|
||||
|
|
|
|||
|
|
@ -27,6 +27,9 @@ namespace OC\Authentication\Token;
|
|||
*/
|
||||
interface IToken {
|
||||
|
||||
const TEMPORARY_TOKEN = 0;
|
||||
const PERMANENT_TOKEN = 1;
|
||||
|
||||
/**
|
||||
* Get the token ID
|
||||
*
|
||||
|
|
|
|||
|
|
@ -38,7 +38,6 @@ use OC\Authentication\Exceptions\InvalidTokenException;
|
|||
use OC\Authentication\Token\DefaultTokenProvider;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OC\Hooks\Emitter;
|
||||
use OC\Session\Session;
|
||||
use OC_User;
|
||||
use OCA\DAV\Connector\Sabre\Auth;
|
||||
use OCP\IRequest;
|
||||
|
|
@ -73,7 +72,7 @@ class Session implements IUserSession, Emitter {
|
|||
private $manager;
|
||||
|
||||
/*
|
||||
* @var Session $session
|
||||
* @var ISession $session
|
||||
*/
|
||||
private $session;
|
||||
|
||||
|
|
@ -219,7 +218,12 @@ class Session implements IUserSession, Emitter {
|
|||
}
|
||||
|
||||
// Session is valid, so the token can be refreshed
|
||||
$this->tokenProvider->updateToken($token);
|
||||
// To save unnecessary DB queries, this is only done once a minute
|
||||
$lastTokenUpdate = $this->session->get('last_token_update') ? : 0;
|
||||
if ($lastTokenUpdate < (time () - 60)) {
|
||||
$this->tokenProvider->updateToken($token);
|
||||
$this->session->set('last_token_update', time());
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue