6 年之前 · 0915f931ae
--- a/pkg/services/auth/authtoken/auth_token.go
+++ b/pkg/services/auth/authtoken/auth_token.go
@@ -81,7 +81,7 @@ func (s *UserAuthTokenServiceImpl) LookupToken(unhashedToken string) (auth.UserT
 
				 		s.log.Debug("looking up token", "unhashed", unhashedToken, "hashed", hashedToken)
			
 
				 	}
			
 
				 
			
 
				-	expireBefore := getTime().Add(time.Duration(-86400*s.Cfg.LoginCookieMaxDays) * time.Second).Unix()
			
 
				+	expireBefore := getTime().Add(time.Duration(-86400*s.Cfg.LoginMaxInactiveLifetimeDays) * time.Second).Unix()
			
 
				 
			
 
				 	var model userAuthToken
			
 
				 	exists, err := s.SQLStore.NewSession().Where("(auth_token = ? OR prev_auth_token = ?) AND created_at > ?", hashedToken, hashedToken, expireBefore).Get(&model)
			
@@ -148,7 +148,7 @@ func (s *UserAuthTokenServiceImpl) TryRotateToken(token auth.UserToken, clientIP
 
				 	needsRotation := false
			
 
				 	rotatedAt := time.Unix(model.RotatedAt, 0)
			
 
				 	if model.AuthTokenSeen {
			
 
				-		needsRotation = rotatedAt.Before(now.Add(-time.Duration(s.Cfg.LoginCookieRotation) * time.Minute))
			
 
				+		needsRotation = rotatedAt.Before(now.Add(-time.Duration(s.Cfg.TokenRotationIntervalMinutes) * time.Minute))
			
 
				 	} else {
			
 
				 		needsRotation = rotatedAt.Before(now.Add(-urgentRotateTime))
			
 
				 	}
			
--- a/pkg/services/auth/authtoken/auth_token_test.go
+++ b/pkg/services/auth/authtoken/auth_token_test.go
@@ -341,10 +341,10 @@ func createTestContext(t *testing.T) *testContext {
 
				 	tokenService := &UserAuthTokenServiceImpl{
			
 
				 		SQLStore: sqlstore,
			
 
				 		Cfg: &setting.Cfg{
			
 
				-			LoginCookieName:                   "grafana_session",
			
 
				-			LoginCookieMaxDays:                7,
			
 
				-			LoginDeleteExpiredTokensAfterDays: 30,
			
 
				-			LoginCookieRotation:               10,
			
 
				+			LoginMaxInactiveLifetimeDays:     7,
			
 
				+			LoginMaxLifetimeDays:             30,
			
 
				+			TokenRotationIntervalMinutes:     10,
			
 
				+			ExpiredTokensCleanupIntervalDays: 1,
			
 
				 		},
			
 
				 		log: log.New("test-logger"),
			
 
				 	}
			
--- a/pkg/services/auth/authtoken/session_cleanup.go
+++ b/pkg/services/auth/authtoken/session_cleanup.go
@@ -7,12 +7,12 @@ import (
 
				 
			
 
				 func (srv *UserAuthTokenServiceImpl) Run(ctx context.Context) error {
			
 
				 	ticker := time.NewTicker(time.Hour * 12)
			
 
				-	deleteSessionAfter := time.Hour * 24 * time.Duration(srv.Cfg.LoginDeleteExpiredTokensAfterDays)
			
 
				+	deleteSessionAfter := time.Hour * 24 * time.Duration(srv.Cfg.ExpiredTokensCleanupIntervalDays)
			
 
				 
			
 
				 	for {
			
 
				 		select {
			
 
				 		case <-ticker.C:
			
 
				-			srv.ServerLockService.LockAndExecute(ctx, "delete old sessions", time.Hour*12, func() {
			
 
				+			srv.ServerLockService.LockAndExecute(ctx, "delete expired auth tokens", time.Hour*12, func() {
			
 
				 				srv.deleteOldSession(deleteSessionAfter)
			
 
				 			})
			
 
				 
			
--- a/pkg/services/auth/authtoken/session_cleanup_test.go
+++ b/pkg/services/auth/authtoken/session_cleanup_test.go
@@ -14,7 +14,7 @@ func TestUserAuthTokenCleanup(t *testing.T) {
 
				 		ctx := createTestContext(t)
			
 
				 
			
 
				 		insertToken := func(token string, prev string, rotatedAt int64) {
			
 
				-			ut := userAuthToken{AuthToken: token, PrevAuthToken: prev, RotatedAt: rotatedAt, UserAgent: "", ClientIp: ""}
			
 
				+			ut := userAuthToken{AuthToken: token, PrevAuthToken: prev, CreatedAt: rotatedAt, RotatedAt: rotatedAt, UserAgent: "", ClientIp: ""}
			
 
				 			_, err := ctx.sqlstore.NewSession().Insert(&ut)
			
 
				 			So(err, ShouldBeNil)
			
 
				 		}