mirror of
https://github.com/plausible/analytics.git
synced 2024-12-24 01:54:34 +03:00
Drop session
This commit is contained in:
parent
e14001664c
commit
2cf57a795f
@ -9,17 +9,14 @@ defmodule PlausibleWeb.SessionTimeoutPlug do
|
||||
timeout_at = get_session(conn, :session_timeout_at)
|
||||
user_id = get_session(conn, :current_user_id)
|
||||
|
||||
if user_id && timeout_at && now() > timeout_at do
|
||||
logout_user(conn)
|
||||
else
|
||||
cond do
|
||||
user_id && timeout_at && now() > timeout_at ->
|
||||
configure_session(conn, drop: true)
|
||||
user_id ->
|
||||
put_session(conn, :session_timeout_at, new_session_timeout_at(opts[:timeout_after_seconds]))
|
||||
end
|
||||
end
|
||||
|
||||
defp logout_user(conn) do
|
||||
true ->
|
||||
conn
|
||||
|> put_session(:current_user_id, nil) # Leave `device_id` in the session for accurate tracking
|
||||
|> assign(:session_timeout, true)
|
||||
end
|
||||
end
|
||||
|
||||
defp now do
|
32
test/plausible_web/plugs/session_timeout_plug_test.exs
Normal file
32
test/plausible_web/plugs/session_timeout_plug_test.exs
Normal file
@ -0,0 +1,32 @@
|
||||
defmodule PlausibleWeb.SessionTimeoutPlugTest do
|
||||
use ExUnit.Case, async: true
|
||||
use Plug.Test
|
||||
alias PlausibleWeb.SessionTimeoutPlug
|
||||
@opts %{timeout_after_seconds: 10}
|
||||
|
||||
test "does nothing if user is not logged in" do
|
||||
conn = conn(:get, "/")
|
||||
|> init_test_session(%{})
|
||||
|> SessionTimeoutPlug.call(@opts)
|
||||
|
||||
refute get_session(conn, :session_timeout_at)
|
||||
end
|
||||
|
||||
test "sets session timeout if user is logged in" do
|
||||
conn = conn(:get, "/")
|
||||
|> init_test_session(%{current_user_id: 1})
|
||||
|> SessionTimeoutPlug.call(@opts)
|
||||
|
||||
timeout = get_session(conn, :session_timeout_at)
|
||||
now = DateTime.utc_now() |> DateTime.to_unix
|
||||
assert timeout > now
|
||||
end
|
||||
|
||||
test "logs user out if timeout passed" do
|
||||
conn = conn(:get, "/")
|
||||
|> init_test_session(%{current_user_id: 1, session_timeout_at: 1})
|
||||
|> SessionTimeoutPlug.call(@opts)
|
||||
|
||||
assert conn.private[:plug_session_info] == :drop
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue
Block a user