Save session for 30 days with "Remember Me" checked

2025-07-08 14:10:52 -07:00 · 2016-04-23 11:18:52 -07:00 · 2016-04-23 11:18:52 -07:00 · 9fcd0da83d
commit 9fcd0da83d
parent e99bc73e46
4 changed files with 17 additions and 19 deletions
--- a/data/interfaces/default/css/plexpy.css
+++ b/data/interfaces/default/css/plexpy.css
@ -1016,7 +1016,7 @@ a:hover .dashboard-recent-media-cover {
    font-size: 13px;
    font-weight: bold;
    margin: 0;
-    line-height: 15px;
+    line-height: 16px;
    width: 150px;
    white-space: nowrap;
    text-align: left;
@ -1505,7 +1505,7 @@ a:hover .item-children-poster {
    font-size: 13px;
    font-weight: bold;
    margin: 0;
-    line-height: 15px;
+    line-height: 16px;
    white-space: nowrap;
    text-align: left;
    clear: both;
@ -2898,11 +2898,7 @@ a.no-highlight:hover {
    text-shadow: 0 -1px 1px rgba(0,0,0,.4),0 0 15px rgba(0,0,0,.2);
 }
 .login-container .remember-group {
-    display: block;
+    float: left;
    min-height: 24px;
    margin-top: 10px;
    margin-bottom: 10px;
    vertical-align: middle;
    color: #999;
 }
 .login-container .remember-group .control-label {
--- a/data/interfaces/default/login.html
+++ b/data/interfaces/default/login.html
@ -42,12 +42,12 @@
                                <input type="password" id="password" name="password" class="form-control">
                            </div>
                            <div class="form-footer">
                                <button type="submit" class="btn btn-bright login-button"><i class="fa fa-sign-in"></i>&nbsp; Sign In</button>
                                <div class="remember-group">
                                    <label class="control-label">
-                                        <input type="checkbox" id="remember_me" name="remember_me" title="for 30 days" value=1 checked="checked" /> Remember me
+                                        <input type="checkbox" id="remember_me" name="remember_me" title="for 30 days" value="1" checked="checked" /> Remember me
                                    </label>
                                </div>
                                <button type="submit" class="btn btn-bright login-button"><i class="fa fa-sign-in"></i>&nbsp; Sign In</button>
                            </div>
                        </form>
                    </div>
--- a/plexpy/webauth.py
+++ b/plexpy/webauth.py
@ -21,6 +21,7 @@
 import cherrypy
 from cgi import escape
 from hashing_passwords import check_hash
 from datetime import datetime, timedelta
 import plexpy
 from plexpy import logger
@ -52,8 +53,8 @@ def check_auth(*args, **kwargs):
    conditions that the user must fulfill"""
    conditions = cherrypy.request.config.get('auth.require', None)
    if conditions is not None:
-        username = cherrypy.session.get(SESSION_KEY)
+        (username, expiry) = cherrypy.session.get(SESSION_KEY) if cherrypy.session.get(SESSION_KEY) else (None, None)
-        if username:
+        if (username and expiry) and expiry > datetime.now():
            cherrypy.request.login = username
            for condition in conditions:
                # A condition is just a callable that returns true or false
@ -128,17 +129,14 @@ class AuthController(object):
    def get_loginform(self, username="", msg=""):
        from plexpy.webserve import serve_template
-
+        return serve_template(templatename="login.html", title="Login", username=escape(username, True), msg=msg)
        username = escape(username, True)
        return serve_template(templatename="login.html", title="Login", username=username, msg=msg)
    @cherrypy.expose
    def index(self):
        raise cherrypy.HTTPRedirect("login")
    @cherrypy.expose
-    def login(self, username=None, password=None, remember_me=0):
+    def login(self, username=None, password=None, remember_me='0'):
        if not plexpy.CONFIG.HTTP_PASSWORD:
            raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT)
@ -152,7 +150,10 @@ class AuthController(object):
            return self.get_loginform(username, error_msg)
        else:
            cherrypy.session.regenerate()
-            cherrypy.session[SESSION_KEY] = cherrypy.request.login = username
+            cherrypy.request.login = username
            expiry = datetime.now() + (timedelta(days=30) if remember_me == '1' else timedelta(minutes=60))
            cherrypy.session[SESSION_KEY] = (username, expiry)
            self.on_login(username)
            raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT)
@ -162,7 +163,7 @@ class AuthController(object):
            raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT)
        sess = cherrypy.session
-        username = sess.get(SESSION_KEY, None)
+        (username, expiry) = sess.get(SESSION_KEY) if sess.get(SESSION_KEY) else (None, None)
        sess[SESSION_KEY] = None
        if username:
--- a/plexpy/webstart.py
+++ b/plexpy/webstart.py
@ -66,8 +66,9 @@ def initialize(options):
    if options['http_password']:
        logger.info("Web server authentication is enabled, username is '%s'", options['http_username'])
        options_dict['tools.sessions.on'] = True
        options_dict['tools.auth.on'] = True
        options_dict['tools.sessions.on'] = True
        options_dict['tools.sessions.timeout'] = 30 * 24 * 60 # 30 days
        cherrypy.tools.auth = cherrypy.Tool('before_handler', webauth.check_auth)
    if not options['http_root'] or options['http_root'] == '/':