Address timeout issue

When configured the database will lock after a certain period of time. Every time that there is activity, the timeout counter is reset. For example, if you configure the timeout to be 600 seconds, the database will lock after 10 minutes of inactivity. If you show a password after 9 minutes and 50 seconds, the database base will stay open for another whole 10 minutes. Issue #71
pwman3 · Oct 31, 2020 · 821cfb1 · 821cfb1
1 parent d7327d1
commit 821cfb1
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 2 deletions.
diff --git a/pwman/util/crypto_engine.py b/pwman/util/crypto_engine.py
@@ -204,9 +204,16 @@ def _is_authenticated(self):
         return False
 
     def _is_timedout(self):
-        if int(time.time()) > self._expires_at:
+
+        if self._timeout < 0:
+            return False
+
+        now = int(time.time())
+        if now > self._expires_at:
             self._cipher = None
             return True
+        # reset the time
+        self._expires_at = int(time.time()) + self._timeout
         return False
 
     def changepassword(self, reader=input):

diff --git a/tests/test_crypto_engine.py b/tests/test_crypto_engine.py
@@ -91,7 +91,7 @@ def test_has_no_digits(self):
 class CryptoEngineTest(unittest.TestCase):
 
     def test4_d_get_crypto(self):
-        ce = CryptoEngine.get()
+        ce = CryptoEngine.get(timeout=10)
         ce.callback = DummyCallback()
         secret2 = ce.changepassword(reader=give_key)
         secret1 = ce.changepassword(reader=give_key)
@@ -117,6 +117,25 @@ def test6_is_timedout(self):
         self.assertIsNone(ce._cipher)
         self.assertFalse(ce._is_authenticated())
 
+    def test7_timeout_reset(self):
+        ce = CryptoEngine.get()
+        ce._expires_at = int(time.time()) + 10
+        ce._reader = give_key
+        self.assertTrue(ce.authenticate(b'12345'))
+        self.assertTrue(ce._is_authenticated())
+        expiry = ce._expires_at
+        time.sleep(1)
+        self.assertFalse(ce._is_timedout())
+        expiry_new = ce._expires_at
+        self.assertGreater(expiry_new, expiry)
+
+    def test8_never_timeout(self):
+        ce = CryptoEngine.get()
+        ce._timout = -1
+        self.assertFalse(ce._is_timedout())
+        time.sleep(1)
+        self.assertFalse(ce._is_timedout())
+
     def test_f_encrypt_decrypt(self):
         ce = CryptoEngine.get()
         ce._reader = give_key