Diffstat (limited to 'app')
-rw-r--r-- | app/acf-util/logon-model.lua | 9 | ||||
-rw-r--r-- | app/acf-util/roles-model.lua | 2 | ||||
-rw-r--r-- | app/acf_www-controller.lua | 8 |
3 files changed, 12 insertions, 7 deletions
diff --git a/app/acf-util/logon-model.lua b/app/acf-util/logon-model.lua
index ff5515a..a3a1171 100644
--- a/app/acf-util/logon-model.lua
+++ b/app/acf-util/logon-model.lua
@@ -8,9 +8,6 @@ require ("fs")
 require ("roles")
 --varibles for time in case of logons,expired,lockouts
-minutes_expired_events=30
-minutes_count_events=30
-limit_count_events=10
 -- load an authenticator
 -- FIXME: use an "always true" as default?
@@ -37,9 +34,9 @@ end
 sessiondata.id = session.random_hash(512)
 end
-local counteven = session.count_events(conf.sessiondir, id_user, session.hash_ip_addr(ENV["REMOTE_ADDR"]), minutes_count_events)
+local counteven = session.count_events(conf.sessiondir, id_user, session.hash_ip_addr(ENV["REMOTE_ADDR"]))
-if counteven > limit_count_events then
+if counteven then
 userid.errtxt="Information not recognized"
 return (cfe {type="form",
 option={script=ENV["SCRIPT_NAME"],
@@ -50,7 +47,7 @@ return (cfe {type="form",
 })
 end
-session.expired_events(conf.sessiondir, minutes_expired_events)
+session.expired_events(conf.sessiondir)
 if id_user and password_user then
 local password_user_md5 = fs.md5sum_string(password_user)
 if auth.authenticate (self, id_user, password_user_md5) then
diff --git a/app/acf-util/roles-model.lua b/app/acf-util/roles-model.lua
index b4641dc..95f28d1 100644
--- a/app/acf-util/roles-model.lua
+++ b/app/acf-util/roles-model.lua
@@ -9,7 +9,7 @@ read = function(self,sessionid)
 useid , theroles = session.check_session(conf.sessiondir,sessionid,"roles")
 --we need to expand roles to give us real perm list
 perm = roles.get_roles_perm(self,theroles)
- return ( cfe { userid={value=useid,name="userid"},roles={ value=theroles,name="roles"}, perm={value=perm,name="perm"} })
+ return ( cfe { userid={value=useid,name="userid"},roles={ value=theroles,name="roles"}, perm={value=perm,name="perm"},{value=self.conf,name="self"},{value=sessiondata.userinfo.perm,name="perm2"} })
 end
 getcont = function(self)
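Review bot: In the second logon-model.lua hunk, `if counteven then` is a correct lockout test only if `session.count_events` now returns `false` or `nil` while the caller is under the limit. In Lua the number `0` is truthy, so a numeric return would send every logon attempt into the "Information not recognized" branch. The session library is not part of this diff (the diffstat is limited to 'app'), so that contract cannot be confirmed here; the controller passing `sessionlib.limit_count_events` suggests the threshold moved into the library. I would name the local for what it holds and state the contract next to it, e.g. `local locked_out = session.count_events(...) -- true once the bad-event limit is reached`. The surrounding function starts and ends outside the hunk.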
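Review bot: The two positional entries appended to the `cfe` table in roles-model.lua `read` look like leftover debugging output and widen what the roles view is handed. `{value=self.conf,name="self"}` passes a whole configuration table to the caller (in the controller, `self.conf` carries `sessiondir`, `clientip` and `userid`); whether the view renders it is not visible here, but it should not be returned unless something needs it. `sessiondata.userinfo.perm` also raises an index-on-nil error whenever `sessiondata.userinfo` is unset, which presumably includes requests without a logged-on user. If `perm2` is really wanted, key it like its siblings and guard the lookup, e.g. `perm2={value=sessiondata.userinfo and sessiondata.userinfo.perm,name="perm2"}`, and drop the `self.conf` entry.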
diff --git a/app/acf_www-controller.lua b/app/acf_www-controller.lua index 6b4bfdf..2db6d0e 100644 --- a/app/acf_www-controller.lua +++ b/app/acf_www-controller.lua @@ -53,6 +53,12 @@ mvc.on_load = function (self, parent) sessionlib.record_event(self.conf.sessiondir, sessionlib.hash_ip_addr(self.conf.clientip)) else + local now = os.time() + local minutes_ago = now - (sessionlib.minutes_expired_events * 60) + if timestamp < minutes_ago then + sessionlib.unlink_session(self.conf.sessiondir, self.clientdata.sessionid) + sessiondata.id = sessionlib.random_hash(512) + sessionlib.count_events(self.conf.sessiondir,self.conf.userid or "", sessionlib.hash_ip_addr(self.conf.clientip),sessionlib.limit_count_events) --[[ FIXME --- need to write this function if too many bad events for this ip invaidate the session @@ -65,6 +71,8 @@ mvc.on_load = function (self, parent) generate flash message "Inactivity logout" end ]]-- + sessionlib.expired_events(self.conf.sessiondir,sessionlib.minutes_expired_events) + end end end end |
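Review bot: The result of `sessionlib.count_events(...)` in the new `if timestamp < minutes_ago then` branch is discarded, so the bad-event limit has no effect on this path; the FIXME comment right below still describes that invalidation as unwritten. After `unlink_session` only `sessiondata.id` is replaced, and `self.conf.userid` is read on the very next line, so nothing visible here clears identity or role data loaded from the expired session; please confirm it is reset before the request continues. At minimum act on the return value, e.g. `if sessionlib.count_events(...) then` followed by whatever lockout handling the library expects. The `if` opened here is closed by the `end` added in the next hunk, and `mvc.on_load` itself starts and ends outside both hunks.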
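Review bot: In the second controller hunk, `sessionlib.expired_events(self.conf.sessiondir,sessionlib.minutes_expired_events)` still passes the window explicitly, while this same commit drops that argument from the call in logon-model.lua; `count_events` likewise gets a fourth argument here and three there. If the library now defaults these values, use one call form in both files so a later change to the defaults cannot leave the two paths with different lockout or expiry windows. The call also sits inside the expired-session branch, so the controller prunes old events only when an expired session is presented. If that is intended, a comment such as `-- prune stale events only on session expiry; logon prunes on every attempt` would save the next reader from guessing.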