Skip to content

Commit

Permalink
Merge pull request #263 from limanmys/2.1.1-dev
Browse files Browse the repository at this point in the history
feat: Add session expiration configuration and update token timeout l…
  • Loading branch information
dogukanoksuz authored Dec 9, 2024
2 parents 83874d9 + d8d65df commit c8b9767
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 2 deletions.
4 changes: 4 additions & 0 deletions .env.example
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,10 @@ KEYCLOAK_REALM=
# Activate Google Authenticator service for 2FA logins
OTP_ENABLED=false

# SESSION EXPIRES ON CLOSE
# Changes session expiration behavior
AUTH_SESSION_EXPIRES_ON_CLOSE=false


##### DATABASE SETTINGS #####
DB_CONNECTION=pgsql
Expand Down
11 changes: 9 additions & 2 deletions app/Classes/Authentication/Authenticator.php
Original file line number Diff line number Diff line change
Expand Up @@ -115,10 +115,17 @@ public static function createNewToken($token, ?Request $request = null)
],
];

$sessionCheck = (bool) env('AUTH_SESSION_EXPIRES_ON_CLOSE', false);
if ($sessionCheck) {
$tokenTimeout = 0;
} else {
$tokenTimeout = auth('api')->factory()->getTTL() * 60;
}

return response()->json($return)->withCookie(cookie(
'token',
$token,
auth('api')->factory()->getTTL() * 60,
$tokenTimeout,
null,
$request->getHost(),
true,
Expand All @@ -127,7 +134,7 @@ public static function createNewToken($token, ?Request $request = null)
))->withCookie(cookie(
'currentUser',
json_encode($return),
auth('api')->factory()->getTTL() * 60,
$tokenTimeout,
null,
$request->getHost(),
true,
Expand Down

0 comments on commit c8b9767

Please sign in to comment.