feat: allow session timeout to be configurable. closes #101

navidrome · Mar 19, 2020 · faac303 · faac303
1 parent ced87be
commit faac303
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 13 deletions.
diff --git a/conf/configuration.go b/conf/configuration.go
@@ -13,12 +13,13 @@ import (
 )
 
 type nd struct {
-	Port         string `default:"4533"`
-	MusicFolder  string `default:"./music"`
-	DataFolder   string `default:"./"`
-	ScanInterval string `default:"1m"`
-	DbPath       string
-	LogLevel     string `default:"info"`
+	Port           string `default:"4533"`
+	MusicFolder    string `default:"./music"`
+	DataFolder     string `default:"./"`
+	ScanInterval   string `default:"1m"`
+	DbPath         string ``
+	LogLevel       string `default:"info"`
+	SessionTimeout string `default:"30s"`
 
 	IgnoredArticles string `default:"The El La Los Las Le Les Os As O A"`
 	IndexGroups     string `default:"A B C D E F G H I J K L M N O P Q R S T U V W X-Z(XYZ) [Unknown]([)"`

diff --git a/consts/consts.go b/consts/consts.go
@@ -9,9 +9,9 @@ const (
 	DefaultDbPath       = "navidrome.db?cache=shared&_busy_timeout=15000&_journal_mode=WAL"
 	InitialSetupFlagKey = "InitialSetup"
 
-	JWTSecretKey       = "JWTSecret"
-	JWTIssuer          = "ND"
-	JWTTokenExpiration = 30 * time.Minute
+	JWTSecretKey          = "JWTSecret"
+	JWTIssuer             = "ND"
+	DefaultSessionTimeout = 30 * time.Minute
 
 	UIAssetsLocalPath = "ui/build"
 

diff --git a/engine/auth/auth.go b/engine/auth/auth.go
@@ -5,6 +5,7 @@ import (
 	"sync"
 	"time"
 
+	"github.com/deluan/navidrome/conf"
 	"github.com/deluan/navidrome/consts"
 	"github.com/deluan/navidrome/log"
 	"github.com/deluan/navidrome/model"
@@ -13,9 +14,10 @@ import (
 )
 
 var (
-	once      sync.Once
-	JwtSecret []byte
-	TokenAuth *jwtauth.JWTAuth
+	once           sync.Once
+	JwtSecret      []byte
+	TokenAuth      *jwtauth.JWTAuth
+	sessionTimeOut time.Duration
 )
 
 func InitTokenAuth(ds model.DataStore) {
@@ -39,8 +41,21 @@ func CreateToken(u *model.User) (string, error) {
 	return TouchToken(token)
 }
 
+func getSessionTimeOut() time.Duration {
+	if sessionTimeOut == 0 {
+		if to, err := time.ParseDuration(conf.Server.SessionTimeout); err != nil {
+			sessionTimeOut = consts.DefaultSessionTimeout
+		} else {
+			sessionTimeOut = to
+		}
+		log.Info("Setting Session Timeout", "value", sessionTimeOut)
+	}
+	return sessionTimeOut
+}
+
 func TouchToken(token *jwt.Token) (string, error) {
-	expireIn := time.Now().Add(consts.JWTTokenExpiration).Unix()
+	timeout := getSessionTimeOut()
+	expireIn := time.Now().Add(timeout).Unix()
 	claims := token.Claims.(jwt.MapClaims)
 	claims["exp"] = expireIn