From ebd494e6c6fdcc7d4ca57084b81f3fd201b5e720 Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Mon, 24 Feb 2014 18:52:31 +0200
Subject: server: expire stale sessions

---
 server.lua | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/server.lua b/server.lua
index 468cdc3..88e3556 100644
--- a/server.lua
+++ b/server.lua
@@ -18,11 +18,14 @@ math.randomseed(os.time())
 local save_req = os.execute('[ $(stat -f -c "%T" /) = tmpfs ]')
 
 -- TODO shared storage for sessions
--- TODO expire stale sessions
 local sessions = {}
 
 
 return function(env)
+	  for sid, session in pairs(sessions) do
+	     if session.expires < os.time() then sessions[sid] = nil end
+	  end
+
 	  local method = env.REQUEST_METHOD
 	  local path = env.PATH_INFO
 
@@ -67,11 +70,14 @@ return function(env)
 	     end
 	  end
 
-	  local sid = tonumber(env.HTTP_X_ACF_AUTH_TOKEN)
 	  local session, user, txn_id
+	  function reset_session_expiry() session.expires = os.time() + 600 end
+
+	  local sid = tonumber(env.HTTP_X_ACF_AUTH_TOKEN)
 	  if sid then
 	     session = sessions[sid]
 	     if not session then return wrap(401) end
+	     reset_session_expiry()
 	     user = session.user
 	     txn_id = tonumber(env.HTTP_X_ACF_TRANSACTION_ID)
 	  end
@@ -114,7 +120,9 @@ return function(env)
 		      sid = math.floor(math.random() * 2^32)
 		   until not sessions[sid]
 
-		   sessions[sid] = {user=data.username, last_txn_id=0, txns={}}
+		   session = {user=data.username, last_txn_id=0, txns={}}
+		   reset_session_expiry()
+		   sessions[sid] = session
 		   return wrap(
 		      204,
 		      {
-- 
cgit v1.2.3