LPK-6546: Check session for expiry when authorizing

project.clj

@@ -1,4 +1,4 @@
-(defproject lupapiste/document-search-commons "1.0.7"
+(defproject lupapiste/document-search-commons "1.1.0"
   :description "Common document search related code shared between lupadoku and onkalo applications"
   :url "https://www.lupapiste.fi"
   :license {:name "European Union Public License"
@@ -29,7 +29,7 @@
                  [cljsjs/openlayers "4.4.1-1"]
                  [tailrecursion/cljson "1.0.7"]
                  [alandipert/storage-atom "2.0.1"]]
-  :profiles {:provided {:dependencies [[lupapiste/commons "4.1.1" :exclusions [commons-logging commons-codec]]]}}
+  :profiles {:provided {:dependencies [[lupapiste/commons "5.0.0" :exclusions [commons-logging commons-codec]]]}}
   :plugins [[deraen/lein-sass4clj "0.3.1"]]
   :source-paths ["src/clj" "src/cljc" "src/cljs"]
   :test-paths ["test/clj" "test/cljc"]

src/clj/search_commons/authorization.clj

@@ -1,5 +1,5 @@
 (ns search-commons.authorization
-  (:require [clojure.set :refer [intersection]]
+  (:require [lupapiste-commons.ring.session-timeout :as commons-session-timeout]
             [search-commons.i18n :refer [t]]))
 
 
@@ -27,8 +27,9 @@
 (defn wrap-user-authorization [handler tr-data required-roles & [redirect-path]]
   (fn [request]
     (let [lang (or (keyword (get-in request [:headers "Accept-Language"])) :fi)]
-      (if-let [user (or (get-in request [:session :user])
-                        (:autologin-user request))]
+      (if-let [user (and (not (commons-session-timeout/session-expired? request))
+                         (or (get-in request [:session :user])
+                             (:autologin-user request)))]
         (if (not (every? nil? (mapv (fn [role] (user-is-authorized? user role)) required-roles)))
           (let [response (-> (assoc request :user user)
                              (handler))]