From c4bab8b5044db07e8e9e8cdd898019497d882e42 Mon Sep 17 00:00:00 2001
From: Frank Bergkemper <frank.bergkemper@bareos.com>
Date: Wed, 4 May 2016 17:56:15 +0200
Subject: [PATCH] Fix: Wrong cookie lifetime

Sets the cookie lifetime to zero to reset session lifetime to it's maximum with every click,
this was set to a wrong value. Also session maximum life- and idle-time is now set to
one hour by default. These settings should be configurable via an ini file in future.
In addition, the session idle-timeout controller plugin is probably no longer needed,
which would require some code cleanup.

Fixes #648: Timeout way too short and other options that need to be configurable
---
 config/autoload/global.php                                 | 7 ++++---
 .../Application/Controller/Plugin/SessionTimeoutPlugin.php | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/config/autoload/global.php b/config/autoload/global.php
index 1a343afb..38a93bbd 100644
--- a/config/autoload/global.php
+++ b/config/autoload/global.php
@@ -148,11 +148,12 @@ function read_dir_config($config, $file)
    'directors' => read_dir_config($config, $file),
    'service_manager' => array(
       'factories' => array(
-         'Zend\Db\Adapter\Adapter' => 'Zend\Db\Adapter\AdapterServiceFactory',
+         'Zend\Session\Config\ConfigInterface' => 'Zend\Session\Service\SessionConfigFactory',
+         //'Zend\Db\Adapter\Adapter' => 'Zend\Db\Adapter\AdapterServiceFactory',
       ),
       'abstract_factories' => array(
          // to allow other adapters to be called by $sm->get('adaptername')
-         'Zend\Db\Adapter\AdapterAbstractServiceFactory',
+         //'Zend\Db\Adapter\AdapterAbstractServiceFactory',
       ),
    ),
    'session' => array(
@@ -161,7 +162,7 @@ function read_dir_config($config, $file)
          'options' => array(
             'name' => 'bareos',
             'use_cookies' => true,
-            'cookie_lifetime' => '3600',
+            'cookie_lifetime' => '0', // to reset lifetime to maximum at every click
             'gc_maxlifetime' => '3600',
             'cache_expire' => 3600,
             'remember_me_seconds' => 3600,
diff --git a/module/Application/src/Application/Controller/Plugin/SessionTimeoutPlugin.php b/module/Application/src/Application/Controller/Plugin/SessionTimeoutPlugin.php
index fa27b8a3..47fce0de 100644
--- a/module/Application/src/Application/Controller/Plugin/SessionTimeoutPlugin.php
+++ b/module/Application/src/Application/Controller/Plugin/SessionTimeoutPlugin.php
@@ -11,7 +11,7 @@ public function timeout()
    {
       // preparation for setting timeout via config file:
       $this->getController()->getServiceLocator()->get('config');
-      $timeout = 600;
+      $timeout = 3600;
 
       if($_SESSION['bareos']['idletime'] + $timeout > time()) {
          $_SESSION['bareos']['idletime'] = time();