Add session expiration settings
You can now set session expiration in Settings -> General Settings -> Miscellaneous. If an admin is idle for more than the configured number of minutes, they will be required to log in again, for account security reasons. The feature can be enabled or disabled.
parent
282bf6190c
commit
5a47da013b
@ -11,35 +11,54 @@ class Admin
|
||||
|
||||
public static function getID()
|
||||
{
|
||||
global $db_password;
|
||||
if (isset($_SESSION['aid'])) {
|
||||
global $db_password, $config;
|
||||
$enable_session_timeout = $config['enable_session_timeout'];
|
||||
$session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds
|
||||
|
||||
if (isset($_SESSION['aid']) && isset($_SESSION['aid_expiration']) && $_SESSION['aid_expiration'] > time()) {
|
||||
return $_SESSION['aid'];
|
||||
} else if (isset($_COOKIE['aid'])) {
|
||||
} elseif ($enable_session_timeout && isset($_SESSION['aid']) && isset($_SESSION['aid_expiration']) && $_SESSION['aid_expiration'] <= time()) {
|
||||
self::removeCookie();
|
||||
session_destroy();
|
||||
_alert(Lang::T('Session has expired. Please log in again.'), 'danger', "admin");
|
||||
return 0;
|
||||
}
|
||||
// Check if cookie is set and valid
|
||||
elseif (isset($_COOKIE['aid'])) {
|
||||
// id.time.sha1
|
||||
$tmp = explode('.', $_COOKIE['aid']);
|
||||
if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password) == $tmp[2]) {
|
||||
if (time() - $tmp[1] < 86400 * 7) {
|
||||
$_SESSION['aid'] = $tmp[0];
|
||||
if ($enable_session_timeout) {
|
||||
$_SESSION['aid_expiration'] = time() + $session_timeout_duration;
|
||||
}
|
||||
return $tmp[0];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
public static function setCookie($aid)
|
||||
{
|
||||
global $db_password;
|
||||
global $db_password, $config;
|
||||
$enable_session_timeout = $config['enable_session_timeout'];
|
||||
$session_timeout_duration = $config['session_timeout_duration'] * 60; // Convert minutes to seconds
|
||||
if (isset($aid)) {
|
||||
$time = time();
|
||||
$token = $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password);
|
||||
setcookie('aid', $token, time() + 86400 * 7);
|
||||
$_SESSION['aid'] = $aid;
|
||||
if ($enable_session_timeout) {
|
||||
$_SESSION['aid_expiration'] = $time + $session_timeout_duration;
|
||||
}
|
||||
return $token;
|
||||
}
|
||||
return '';
|
||||
}
|
||||
|
||||
|
||||
public static function removeCookie()
|
||||
{
|
||||
if (isset($_COOKIE['aid'])) {
|
||||
|
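Review bot: The timeout in `getID()` is enforced only on the PHP session, so the `aid` cookie branch (`elseif (isset($_COOKIE['aid']))`) still accepts any signed token younger than `86400 * 7` seconds and writes a fresh `aid_expiration`; a client that keeps the cookie value after `removeCookie()` gets a new session regardless of the configured limit. When `$enable_session_timeout` is on, the token age should be bounded by the same limit, for example `$max_age = $enable_session_timeout ? $session_timeout_duration : 86400 * 7;` followed by `if (time() - $tmp[1] < $max_age) {`. The signature check on that branch also compares hex strings with loose `==` and reads `$tmp[1]` and `$tmp[2]` without checking the part count; `if (count($tmp) === 3 && hash_equals(sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password), $tmp[2])) {` avoids type juggling and timing differences. Separately, the valid-session branch returns without extending `aid_expiration`, so unless it is refreshed outside this hunk the limit counts from login rather than from the last request, which does not match the "idle" wording in the settings. `removeCookie()` is cut off at the end of the hunk.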
@ -156,6 +156,8 @@ switch ($action) {
|
||||
}
|
||||
}
|
||||
// Save all settings including tax system
|
||||
$enable_session_timeout = isset($_POST['enable_session_timeout']) ? 1 : 0;
|
||||
$_POST['enable_session_timeout'] = $enable_session_timeout;
|
||||
foreach ($_POST as $key => $value) {
|
||||
$d = ORM::for_table('tbl_appconfig')->where('setting', $key)->find_one();
|
||||
if ($d) {
|
||||
|
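Review bot: `session_timeout_duration` gets no server-side validation here: only `enable_session_timeout` is normalised before the `foreach ($_POST as $key => $value)` loop, and the duration appears to be stored exactly as posted (the loop body continues outside the hunk). `Admin::getID()` and `Admin::setCookie()` multiply the stored value by 60 on every call, even when the feature is disabled, so an empty or non-numeric value can raise a warning or a TypeError depending on the PHP version. A value of 0 makes `aid_expiration` equal to the login time, which logs every admin out on the next request. Clamp the value before the loop, e.g. `$_POST['session_timeout_duration'] = max(1, (int) ($_POST['session_timeout_duration'] ?? 1));`.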
@ -586,6 +586,24 @@
|
||||
{Lang::T('Miscellaneous')}
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<div class="form-group">
|
||||
<label class="col-md-2 control-label">{Lang::T('Enable Session Timeout')}</label>
|
||||
<div class="col-md-6">
|
||||
<label class="switch">
|
||||
<input type="checkbox" id="enable_session_timeout" value="1" name="enable_session_timeout" {if $_c['enable_session_timeout']==1}checked{/if}>
|
||||
<span class="slider"></span>
|
||||
</label>
|
||||
</div>
|
||||
<p class="help-block col-md-4">{Lang::T('Logout Admin if not Available/Online a period of time')}</p>
|
||||
</div>
|
||||
<div class="form-group" id="timeout_duration_input" style="display: none;">
|
||||
<label class="col-md-2 control-label">{Lang::T('Timeout Duration')}</label>
|
||||
<div class="col-md-6">
|
||||
<input type="number" value="{$_c['session_timeout_duration']}" class="form-control" name="session_timeout_duration" id="session_timeout_duration"
|
||||
placeholder="{Lang::T('Enter the session timeout duration (minutes)')}" min="1">
|
||||
</div>
|
||||
<p class="help-block col-md-4">{Lang::T('Idle Timeout, Logout Admin if Idle for xx minutes')}</p>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="col-md-2 control-label">{Lang::T('New Version Notification')}</label>
|
||||
<div class="col-md-6">
|
||||
@ -786,6 +804,38 @@ add dst-host=*.{$_domain}</pre>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
|
||||
<script>
|
||||
document.addEventListener('DOMContentLoaded', function() {
|
||||
var sectionTimeoutCheckbox = document.getElementById('enable_session_timeout');
|
||||
var timeoutDurationInput = document.getElementById('timeout_duration_input');
|
||||
var timeoutDurationField = document.getElementById('session_timeout_duration');
|
||||
|
||||
if (sectionTimeoutCheckbox.checked) {
|
||||
timeoutDurationInput.style.display = 'block';
|
||||
timeoutDurationField.required = true;
|
||||
}
|
||||
|
||||
sectionTimeoutCheckbox.addEventListener('change', function() {
|
||||
if (this.checked) {
|
||||
timeoutDurationInput.style.display = 'block';
|
||||
timeoutDurationField.required = true;
|
||||
} else {
|
||||
timeoutDurationInput.style.display = 'none';
|
||||
timeoutDurationField.required = false;
|
||||
}
|
||||
});
|
||||
|
||||
document.querySelector('form').addEventListener('submit', function(event) {
|
||||
if (sectionTimeoutCheckbox.checked && (!timeoutDurationField.value || isNaN(timeoutDurationField.value))) {
|
||||
event.preventDefault();
|
||||
alert('Please enter a valid session timeout duration.');
|
||||
timeoutDurationField.focus();
|
||||
}
|
||||
});
|
||||
});
|
||||
</script>
|
||||
<script>
|
||||
function testWa() {
|
||||
var target = prompt("Phone number\nSave First before Test", "");
|
||||
|
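Review bot: The submit handler in the added `<script>` is attached with `document.querySelector('form')`, which selects the first form in the document rather than the settings form; if the layout renders another form earlier, the check never runs for this one. Binding through the field avoids that: `timeoutDurationField.form.addEventListener('submit', function(event) {`. The condition `!timeoutDurationField.value || isNaN(timeoutDurationField.value)` also lets `0`, negative and fractional values through and relies on `min="1"` alone; adding `|| Number(timeoutDurationField.value) < 1` makes the script agree with the attribute. The first variable would read better as `sessionTimeoutCheckbox` than `sectionTimeoutCheckbox`.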
@ -189,6 +189,62 @@
|
||||
.bs-callout-info h4 {
|
||||
color: #1b809e
|
||||
}
|
||||
|
||||
/* Checkbox container */
|
||||
.switch {
|
||||
position: relative;
|
||||
display: inline-block;
|
||||
width: 50px;
|
||||
height: 24px;
|
||||
}
|
||||
|
||||
/* Hidden checkbox */
|
||||
.switch input {
|
||||
opacity: 0;
|
||||
width: 0;
|
||||
height: 0;
|
||||
}
|
||||
|
||||
/* Slider */
|
||||
.slider {
|
||||
position: absolute;
|
||||
cursor: pointer;
|
||||
top: 0;
|
||||
left: 0;
|
||||
right: 0;
|
||||
bottom: 0;
|
||||
background-color: #ccc;
|
||||
-webkit-transition: .4s;
|
||||
transition: .4s;
|
||||
border-radius: 24px;
|
||||
}
|
||||
|
||||
.slider:before {
|
||||
position: absolute;
|
||||
content: "";
|
||||
height: 18px;
|
||||
width: 18px;
|
||||
left: 3px;
|
||||
bottom: 3px;
|
||||
background-color: white;
|
||||
-webkit-transition: .4s;
|
||||
transition: .4s;
|
||||
border-radius: 50%;
|
||||
}
|
||||
|
||||
input:checked+.slider {
|
||||
background-color: #2196F3;
|
||||
}
|
||||
|
||||
input:focus+.slider {
|
||||
box-shadow: 0 0 1px #2196F3;
|
||||
}
|
||||
|
||||
input:checked+.slider:before {
|
||||
-webkit-transform: translateX(26px);
|
||||
-ms-transform: translateX(26px);
|
||||
transform: translateX(26px);
|
||||
}
|
||||
</style>
|
||||
{if isset($xheader)}
|
||||
{$xheader}
|
||||
@ -541,4 +597,4 @@
|
||||
}
|
||||
});
|
||||
</script>
|
||||
{/if}
|
||||
{/if}
|