From 9fcd0da83df32c1aa9072d8e1f3ad12734bf4aa5 Mon Sep 17 00:00:00 2001 From: JonnyWong16 Date: Sat, 23 Apr 2016 11:18:52 -0700 Subject: [PATCH] Save session for 30 days with "Remember Me" checked --- data/interfaces/default/css/plexpy.css | 10 +++------- data/interfaces/default/login.html | 4 ++-- plexpy/webauth.py | 19 ++++++++++--------- plexpy/webstart.py | 3 ++- 4 files changed, 17 insertions(+), 19 deletions(-) diff --git a/data/interfaces/default/css/plexpy.css b/data/interfaces/default/css/plexpy.css index 6738fb88..265f9a46 100644 --- a/data/interfaces/default/css/plexpy.css +++ b/data/interfaces/default/css/plexpy.css @@ -1016,7 +1016,7 @@ a:hover .dashboard-recent-media-cover { font-size: 13px; font-weight: bold; margin: 0; - line-height: 15px; + line-height: 16px; width: 150px; white-space: nowrap; text-align: left; @@ -1505,7 +1505,7 @@ a:hover .item-children-poster { font-size: 13px; font-weight: bold; margin: 0; - line-height: 15px; + line-height: 16px; white-space: nowrap; text-align: left; clear: both; @@ -2898,11 +2898,7 @@ a.no-highlight:hover { text-shadow: 0 -1px 1px rgba(0,0,0,.4),0 0 15px rgba(0,0,0,.2); } .login-container .remember-group { - display: block; - min-height: 24px; - margin-top: 10px; - margin-bottom: 10px; - vertical-align: middle; + float: left; color: #999; } .login-container .remember-group .control-label { diff --git a/data/interfaces/default/login.html b/data/interfaces/default/login.html index 05491036..52db170a 100644 --- a/data/interfaces/default/login.html +++ b/data/interfaces/default/login.html @@ -42,12 +42,12 @@
-
+
diff --git a/plexpy/webauth.py b/plexpy/webauth.py index 8f90cf3d..87d1068e 100644 --- a/plexpy/webauth.py +++ b/plexpy/webauth.py @@ -21,6 +21,7 @@ import cherrypy from cgi import escape from hashing_passwords import check_hash +from datetime import datetime, timedelta import plexpy from plexpy import logger @@ -52,8 +53,8 @@ def check_auth(*args, **kwargs): conditions that the user must fulfill""" conditions = cherrypy.request.config.get('auth.require', None) if conditions is not None: - username = cherrypy.session.get(SESSION_KEY) - if username: + (username, expiry) = cherrypy.session.get(SESSION_KEY) if cherrypy.session.get(SESSION_KEY) else (None, None) + if (username and expiry) and expiry > datetime.now(): cherrypy.request.login = username for condition in conditions: # A condition is just a callable that returns true or false @@ -128,17 +129,14 @@ class AuthController(object): def get_loginform(self, username="", msg=""): from plexpy.webserve import serve_template - - username = escape(username, True) - - return serve_template(templatename="login.html", title="Login", username=username, msg=msg) + return serve_template(templatename="login.html", title="Login", username=escape(username, True), msg=msg) @cherrypy.expose def index(self): raise cherrypy.HTTPRedirect("login") @cherrypy.expose - def login(self, username=None, password=None, remember_me=0): + def login(self, username=None, password=None, remember_me='0'): if not plexpy.CONFIG.HTTP_PASSWORD: raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT) @@ -152,7 +150,10 @@ class AuthController(object): return self.get_loginform(username, error_msg) else: cherrypy.session.regenerate() - cherrypy.session[SESSION_KEY] = cherrypy.request.login = username + cherrypy.request.login = username + expiry = datetime.now() + (timedelta(days=30) if remember_me == '1' else timedelta(minutes=60)) + cherrypy.session[SESSION_KEY] = (username, expiry) + self.on_login(username) raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT) @@ -162,7 +163,7 @@ class AuthController(object): raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT) sess = cherrypy.session - username = sess.get(SESSION_KEY, None) + (username, expiry) = sess.get(SESSION_KEY) if sess.get(SESSION_KEY) else (None, None) sess[SESSION_KEY] = None if username: diff --git a/plexpy/webstart.py b/plexpy/webstart.py index b2ad1515..52d3ff83 100644 --- a/plexpy/webstart.py +++ b/plexpy/webstart.py @@ -66,8 +66,9 @@ def initialize(options): if options['http_password']: logger.info("Web server authentication is enabled, username is '%s'", options['http_username']) - options_dict['tools.sessions.on'] = True options_dict['tools.auth.on'] = True + options_dict['tools.sessions.on'] = True + options_dict['tools.sessions.timeout'] = 30 * 24 * 60 # 30 days cherrypy.tools.auth = cherrypy.Tool('before_handler', webauth.check_auth) if not options['http_root'] or options['http_root'] == '/':