change configuration settings in auth package

7 years ago · 0915f931ae
parent 80d0943d9d
commit 0915f931ae
4 changed files with 9 additions and 9 deletions
--- a/pkg/services/auth/authtoken/auth_token.go
+++ b/pkg/services/auth/authtoken/auth_token.go
@ -81,7 +81,7 @@ func (s *UserAuthTokenServiceImpl) LookupToken(unhashedToken string) (auth.UserT
 		s.log.Debug("looking up token", "unhashed", unhashedToken, "hashed", hashedToken)
 	}

-	expireBefore := getTime().Add(time.Duration(-86400*s.Cfg.LoginCookieMaxDays) * time.Second).Unix()
+	expireBefore := getTime().Add(time.Duration(-86400*s.Cfg.LoginMaxInactiveLifetimeDays) * time.Second).Unix()

 	var model userAuthToken
 	exists, err := s.SQLStore.NewSession().Where("(auth_token = ? OR prev_auth_token = ?) AND created_at > ?", hashedToken, hashedToken, expireBefore).Get(&model)
@ -148,7 +148,7 @@ func (s *UserAuthTokenServiceImpl) TryRotateToken(token auth.UserToken, clientIP
 	needsRotation := false
 	rotatedAt := time.Unix(model.RotatedAt, 0)
 	if model.AuthTokenSeen {
-		needsRotation = rotatedAt.Before(now.Add(-time.Duration(s.Cfg.LoginCookieRotation) * time.Minute))
+		needsRotation = rotatedAt.Before(now.Add(-time.Duration(s.Cfg.TokenRotationIntervalMinutes) * time.Minute))
 	} else {
 		needsRotation = rotatedAt.Before(now.Add(-urgentRotateTime))
 	}
--- a/pkg/services/auth/authtoken/auth_token_test.go
+++ b/pkg/services/auth/authtoken/auth_token_test.go
@ -341,10 +341,10 @@ func createTestContext(t *testing.T) *testContext {
 	tokenService := &UserAuthTokenServiceImpl{
 		SQLStore: sqlstore,
 		Cfg: &setting.Cfg{
-			LoginCookieName:                   "grafana_session",
-			LoginCookieMaxDays:                7,
-			LoginDeleteExpiredTokensAfterDays: 30,
-			LoginCookieRotation:               10,
+			LoginMaxInactiveLifetimeDays:     7,
+			LoginMaxLifetimeDays:             30,
+			TokenRotationIntervalMinutes:     10,
+			ExpiredTokensCleanupIntervalDays: 1,
 		},
 		log: log.New("test-logger"),
 	}
--- a/pkg/services/auth/authtoken/session_cleanup.go
+++ b/pkg/services/auth/authtoken/session_cleanup.go
@ -7,12 +7,12 @@ import (

 func (srv *UserAuthTokenServiceImpl) Run(ctx context.Context) error {
 	ticker := time.NewTicker(time.Hour * 12)
-	deleteSessionAfter := time.Hour * 24 * time.Duration(srv.Cfg.LoginDeleteExpiredTokensAfterDays)
+	deleteSessionAfter := time.Hour * 24 * time.Duration(srv.Cfg.ExpiredTokensCleanupIntervalDays)

 	for {
 		select {
 		case <-ticker.C:
-			srv.ServerLockService.LockAndExecute(ctx, "delete old sessions", time.Hour*12, func() {
+			srv.ServerLockService.LockAndExecute(ctx, "delete expired auth tokens", time.Hour*12, func() {
 				srv.deleteOldSession(deleteSessionAfter)
 			})

--- a/pkg/services/auth/authtoken/session_cleanup_test.go
+++ b/pkg/services/auth/authtoken/session_cleanup_test.go
@ -14,7 +14,7 @@ func TestUserAuthTokenCleanup(t *testing.T) {
 		ctx := createTestContext(t)

 		insertToken := func(token string, prev string, rotatedAt int64) {
-			ut := userAuthToken{AuthToken: token, PrevAuthToken: prev, RotatedAt: rotatedAt, UserAgent: "", ClientIp: ""}
+			ut := userAuthToken{AuthToken: token, PrevAuthToken: prev, CreatedAt: rotatedAt, RotatedAt: rotatedAt, UserAgent: "", ClientIp: ""}
 			_, err := ctx.sqlstore.NewSession().Insert(&ut)
 			So(err, ShouldBeNil)
 		}