_check_divert_core: Update cookie lifetime when request is OK

The timeout should be from last load, not from login.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>

diff --git a/TODO b/TODO
index c0ba9a131ef7306dfa927dcaffca516c7f431e31..0afd1e9f99237cce6516f10c5a022ce6a39584d6 100644 (file)
--- a/TODO
+++ b/TODO
@@ -1,6 +1,3 @@
-update last in db when we return undef from check_divert
-
-

 untranslated
  GNU Affero GPL
  Source available
 untranslated
  GNU Affero GPL
  Source available

diff --git a/cgi-auth-flexible.pm b/cgi-auth-flexible.pm
index bdb96c6f7b3f58e761588460c175f6b2df8a0be6..21805cffd8057a177222a6177d3dd3113d6a2bb6 100644 (file)
--- a/cgi-auth-flexible.pm
+++ b/cgi-auth-flexible.pm
@@ -919,6 +919,8 @@ sub _check_divert_core ($) {
         die unless $parmt eq 'y';
         die unless $cookh eq $parmh;
     }
         die unless $parmt eq 'y';
         die unless $cookh eq $parmh;
     }

+    $r->_db_update_last($cooku,$parmh);
+

     $r->{ParmT} = $parmt;
     $r->{AssocRaw} = $cooks;
     $r->{UserOK} = $cooku;
     $r->{ParmT} = $parmt;
     $r->{AssocRaw} = $cooks;
     $r->{UserOK} = $cooku;


@@ -1024,6 +1026,16 @@ sub _db_record_login_ok ($$$) {
             $h, $user, time);
 }
 
             $h, $user, time);
 }
 

+sub _db_update_last ($$) {
+    # revokes $h if it's valid; no-op if it's not
+    my ($r,$user,$h) = @_;
+    my $dbh = $r->{Dbh};
+    $dbh->do("UPDATE $r->{S}{db_prefix}_assocs".
+             " SET last = ?".
+            " WHERE username = ? AND assochash = ?", {},
+             time, $user, $h);
+}
+

 sub check_divert ($) {
     my ($r) = @_;
     if (exists $r->{Divert}) {
 sub check_divert ($) {
     my ($r) = @_;
     if (exists $r->{Divert}) {