eswyft/4in1_ws_web
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

admin: update last activity timestamp every 15 seconds

Browse Source
This commit is contained in:
E. S. 2024-03-09 17:24:48 +00:00
parent 8938276d64
commit dca4a9f9fc
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/admin.php
View File

@ -40,7 +40,8 @@ function admin_add(string $login, string $password): int {
$db = DB(); $db = DB();
$db->insert('admins', [ $db->insert('admins', [
'login' => $login, 'login' => $login,
'password' => salt_password($password) 'password' => salt_password($password),
'activity_ts' => 0
]); ]);
return $db->insertId(); return $db->insertId();
} }
@ -95,6 +96,8 @@ function admin_auth(string $login, string $password): bool {
'ua' => $_SERVER['HTTP_USER_AGENT'] ?? '', 'ua' => $_SERVER['HTTP_USER_AGENT'] ?? '',
]); ]);
$db->query("UPDATE admins SET activity_ts=? WHERE id=?", $time, $id);
$AdminSession->id = $id; $AdminSession->id = $id;
$AdminSession->login = $login; $AdminSession->login = $login;
$AdminSession->makeCSRFSalt($salted_password); $AdminSession->makeCSRFSalt($salted_password);
@ -127,9 +130,11 @@ function _admin_check(): void {
$cookie = (string)$_COOKIE[ADMIN_COOKIE_NAME]; $cookie = (string)$_COOKIE[ADMIN_COOKIE_NAME];
$db = DB(); $db = DB();
$time = time();
$q = $db->query("SELECT $q = $db->query("SELECT
admin_auth.id AS auth_id, admin_auth.id AS auth_id,
admin_auth.admin_id AS id, admin_auth.admin_id AS id,
admins.activity_ts AS activity_ts,
admins.password AS salted_password, admins.password AS salted_password,
admins.login AS login admins.login AS login
FROM admin_auth FROM admin_auth
@ -147,6 +152,9 @@ function _admin_check(): void {
$AdminSession->login = $info['login']; $AdminSession->login = $info['login'];
$AdminSession->authId = (int)$info['auth_id']; $AdminSession->authId = (int)$info['auth_id'];
$AdminSession->makeCSRFSalt($info['salted_password']); $AdminSession->makeCSRFSalt($info['salted_password']);
if ($time - $info['activity_ts'] > 15)
$db->query("UPDATE admins SET activity_ts=? WHERE id=?", $time, $AdminSession->id);
} }
function _admin_set_cookie(string $token): void { function _admin_set_cookie(string $token): void {