Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Change JavaScript reauthentication check to check via XHR.

Benefit: Getting the real deadline this way, not interfering with an ongoing maintenance task.
  • Loading branch information...
commit 995e592a3d7e6b6778c2c3a2e9bed8e087252f57 1 parent 293fa80
@andyst andyst authored
View
21 modules/gallery/controllers/admin.php
@@ -29,6 +29,9 @@ public function __construct($theme=null) {
}
public function __call($controller_name, $args) {
+ if (Input::instance()->get("reauth_check")) {
+ return self::_reauth_check();
+ }
if (auth::must_reauth_for_admin_area()) {
return self::_prompt_for_reauth($controller_name, $args);
}
@@ -54,6 +57,24 @@ public function __call($controller_name, $args) {
call_user_func_array(array(new $controller_name, $method), $args);
}
+ private static function _reauth_check() {
+ $session = Session::instance();
+ $last_active_auth = $session->get("active_auth_timestamp", 0);
+ $last_admin_area_activity = $session->get("admin_area_activity_timestamp", 0);
+ $admin_area_timeout = module::get_var("gallery", "admin_area_timeout");
+
+ $time_remaining = max($last_active_auth, $last_admin_area_activity) +
+ $admin_area_timeout - time();
+
+ $result = new stdClass();
+ $result->result = "success";
+ if ($time_remaining < 30) {
+ $result->location = url::abs_site("");
+ }
+
+ print json_encode($result);
+ }
+
private static function _prompt_for_reauth($controller_name, $args) {
if (request::method() == "get" && !request::is_ajax()) {
// Avoid anti-phishing protection by passing the url as session variable.
View
17 modules/gallery/helpers/gallery_theme.php
@@ -92,13 +92,18 @@ static function admin_page_bottom($theme) {
}
// Redirect to the root album when the admin session expires.
- $redirect_url = url::abs_site("");
- $admin_area_timeout = 1000 * module::get_var("gallery", "admin_area_timeout");
$admin_session_redirect_check = '<script type="text/javascript">
- var page_loaded_timestamp = new Date();
- setInterval("if (new Date() - page_loaded_timestamp > ' . $admin_area_timeout .
- ') document.location = \'' . $redirect_url . '\';", 60 * 1000);
- </script>';
+ var adminReauthCheck = function() {
+ $.ajax({url: "' . url::site("admin?reauth_check=1") . '",
+ dataType: "json",
+ success: function(data){
+ if ("location" in data) {
+ document.location = data.location;
+ }
+ }});
+ };
+ setInterval("adminReauthCheck();", 60 * 1000);
+ </script>';
print $admin_session_redirect_check;
if ($session->get("l10n_mode", false)) {
Please sign in to comment.
Something went wrong with that request. Please try again.