From 8d60bb55bc1e208afa3c7197cd848a50e4ad8b13 Mon Sep 17 00:00:00 2001
From: mrkubax10
Date: Sat, 23 Sep 2023 14:10:19 +0200
Subject: [PATCH] Frontend: Session storage fixes
---
 frontend_routes.pm | 2 +-
 frontend_session.pm | 17 +++++++++++++++--
 2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/frontend_routes.pm b/frontend_routes.pm
index d792396..2d822c3 100644
--- a/frontend_routes.pm
+++ b/frontend_routes.pm
@@ -234,7 +234,7 @@ sub handlePath {
 my $response = frontend::getBaseResponse(301, "OK");
 $response.="Location: /\r\n";
 $response.="Content-Length: 0\r\n";
- $response.="Set-Cookie: session=$token\r\n\r\n";
+ $response.="Set-Cookie: session=$token;expires=".localtime(time()+7*24*3600)."\r\n\r\n";
 $aClient->send($response);
 return 1;
 }
diff --git a/frontend_session.pm b/frontend_session.pm
index 9645b18..b899053 100644
--- a/frontend_session.pm
+++ b/frontend_session.pm
@@ -22,9 +22,12 @@ use strict;
 use warnings;
 our %sessions;
+my %sessionAccess;
 sub newSessionToken {
- return Digest::SHA::sha256_hex(sprintf("%x", rand(0xFFFFFFFF)));
+ my $session = Digest::SHA::sha256_hex(sprintf("%x", rand(0xFFFFFFFF)));
+ $sessionAccess{$session} = time();
+ return $session;
 }
 sub deleteSession {
@@ -32,13 +35,23 @@ sub deleteSession {
 if(isValidSession($aSession)) {
 delete $sessions{$aSession};
+ delete $sessionAccess{$aSession};
 }
 }
 sub isValidSession {
 my $aSession = $_[0];
- return defined($sessions{$aSession});
+ foreach my $key (keys(%sessionAccess)) {
+ if(time()-$sessionAccess{$key}>7*24*3600) {
+ deleteSession($key);
+ }
+ }
+ if(defined($sessions{$aSession})) {
+ $sessionAccess{$aSession} = time();
+ return 1;
+ }
+ return 0;
 }
 1;
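Review bot: The `expires` value on the added `Set-Cookie` line in handlePath comes from `localtime(...)` in string context, which yields a ctime-style string in the server's local zone with no `GMT` marker rather than the HTTP-date format cookies expect, so a browser may ignore the attribute or read the time as GMT. A relative lifetime avoids the formatting problem, and because this cookie carries the session token it should also be kept away from scripts and cross-site requests: `$response.="Set-Cookie: session=$token; Max-Age=604800; HttpOnly; SameSite=Lax\r\n\r\n";` (add `Secure` if the frontend is only served over HTTPS, which is not visible here). The seven-day value is also repeated as `7*24*3600` in frontend_session.pm; one shared constant would keep the cookie lifetime and the server-side expiry in step. handlePath's body starts and ends outside the hunk.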
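Review bot: The token in `newSessionToken` is still derived from `rand(0xFFFFFFFF)`, so it carries at most 32 bits from Perl's non-cryptographic generator; hashing it with SHA-256 lengthens the string but adds no unpredictability, which leaves the session identifier guessable in principle. The token should come from the operating system's CSPRNG instead, for example 32 bytes read from `/dev/urandom` and hex-encoded as below (this assumes a Unix-like host, which the patch does not confirm). Separately, the access timestamp is recorded here before the token is stored in `%sessions`, which happens outside this hunk, so tokens that are issued but never stored leave entries behind in `%sessionAccess`.

```perl
sub newSessionToken {
	open(my $urandom, '<:raw', '/dev/urandom') or die "Cannot open /dev/urandom: $!";
	read($urandom, my $bytes, 32) == 32 or die "Short read from /dev/urandom";
	close($urandom);
	my $session = unpack('H*', $bytes);
	# … unchanged: $sessionAccess{$session} bookkeeping and return $session …
}
```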
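Review bot: The expiry sweep added to `isValidSession` calls `deleteSession($key)`, and `deleteSession` begins by calling `isValidSession`, which runs the same sweep again while the expired key is still in `%sessionAccess`; as written, the first validity check after any entry passes seven days appears to recurse without bound. The sweep should remove the entries itself instead of going through `deleteSession`: `delete $sessions{$key};` and `delete $sessionAccess{$key};`. That also covers tokens present in `%sessionAccess` but never stored in `%sessions`, which `deleteSession` would skip because `isValidSession` returns 0 for them. deleteSession's opening lines are outside the hunk.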