Save session for 30 days with "Remember Me" checked

2025-07-08 06:00:51 -07:00 · 2016-04-23 11:18:52 -07:00 · 2016-04-23 11:18:52 -07:00 · 9fcd0da83d
commit 9fcd0da83d
parent e99bc73e46
4 changed files with 17 additions and 19 deletions
--- a/data/interfaces/default/css/plexpy.css
+++ b/data/interfaces/default/css/plexpy.css
@ -1016,7 +1016,7 @@ a:hover .dashboard-recent-media-cover {
    font-size: 13px;
    font-weight: bold;
    margin: 0;
-    line-height: 15px;
+    line-height: 16px;
    width: 150px;
    white-space: nowrap;
    text-align: left;
@ -1505,7 +1505,7 @@ a:hover .item-children-poster {
    font-size: 13px;
    font-weight: bold;
    margin: 0;
-    line-height: 15px;
+    line-height: 16px;
    white-space: nowrap;
    text-align: left;
    clear: both;
@ -2898,11 +2898,7 @@ a.no-highlight:hover {
    text-shadow: 0 -1px 1px rgba(0,0,0,.4),0 0 15px rgba(0,0,0,.2);
 }
 .login-container .remember-group {
-    display: block;
-    min-height: 24px;
-    margin-top: 10px;
-    margin-bottom: 10px;
-    vertical-align: middle;
+    float: left;
    color: #999;
 }
 .login-container .remember-group .control-label {
--- a/data/interfaces/default/login.html
+++ b/data/interfaces/default/login.html
@ -42,12 +42,12 @@
                                <input type="password" id="password" name="password" class="form-control">
                            </div>
                            <div class="form-footer">
-                                <button type="submit" class="btn btn-bright login-button"><i class="fa fa-sign-in"></i>&nbsp; Sign In</button>
                                <div class="remember-group">
                                    <label class="control-label">
-                                        <input type="checkbox" id="remember_me" name="remember_me" title="for 30 days" value=1 checked="checked" /> Remember me
+                                        <input type="checkbox" id="remember_me" name="remember_me" title="for 30 days" value="1" checked="checked" /> Remember me
                                    </label>
                                </div>
+                                <button type="submit" class="btn btn-bright login-button"><i class="fa fa-sign-in"></i>&nbsp; Sign In</button>
                            </div>
                        </form>
                    </div>
--- a/plexpy/webauth.py
+++ b/plexpy/webauth.py
@ -21,6 +21,7 @@
 import cherrypy
 from cgi import escape
 from hashing_passwords import check_hash
+from datetime import datetime, timedelta

 import plexpy
 from plexpy import logger
@ -52,8 +53,8 @@ def check_auth(*args, **kwargs):
    conditions that the user must fulfill"""
    conditions = cherrypy.request.config.get('auth.require', None)
    if conditions is not None:
-        username = cherrypy.session.get(SESSION_KEY)
-        if username:
+        (username, expiry) = cherrypy.session.get(SESSION_KEY) if cherrypy.session.get(SESSION_KEY) else (None, None)
+        if (username and expiry) and expiry > datetime.now():
            cherrypy.request.login = username
            for condition in conditions:
                # A condition is just a callable that returns true or false
@ -128,17 +129,14 @@ class AuthController(object):
    
    def get_loginform(self, username="", msg=""):
        from plexpy.webserve import serve_template
-
-        username = escape(username, True)
-
-        return serve_template(templatename="login.html", title="Login", username=username, msg=msg)
+        return serve_template(templatename="login.html", title="Login", username=escape(username, True), msg=msg)
    
    @cherrypy.expose
    def index(self):
        raise cherrypy.HTTPRedirect("login")

    @cherrypy.expose
-    def login(self, username=None, password=None, remember_me=0):
+    def login(self, username=None, password=None, remember_me='0'):
        if not plexpy.CONFIG.HTTP_PASSWORD:
            raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT)

@ -152,7 +150,10 @@ class AuthController(object):
            return self.get_loginform(username, error_msg)
        else:
            cherrypy.session.regenerate()
-            cherrypy.session[SESSION_KEY] = cherrypy.request.login = username
+            cherrypy.request.login = username
+            expiry = datetime.now() + (timedelta(days=30) if remember_me == '1' else timedelta(minutes=60))
+            cherrypy.session[SESSION_KEY] = (username, expiry)
+
            self.on_login(username)
            raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT)
    
@ -162,7 +163,7 @@ class AuthController(object):
            raise cherrypy.HTTPRedirect(plexpy.HTTP_ROOT)

        sess = cherrypy.session
-        username = sess.get(SESSION_KEY, None)
+        (username, expiry) = sess.get(SESSION_KEY) if sess.get(SESSION_KEY) else (None, None)
        sess[SESSION_KEY] = None

        if username:
--- a/plexpy/webstart.py
+++ b/plexpy/webstart.py
@ -66,8 +66,9 @@ def initialize(options):

    if options['http_password']:
        logger.info("Web server authentication is enabled, username is '%s'", options['http_username'])
-        options_dict['tools.sessions.on'] = True
        options_dict['tools.auth.on'] = True
+        options_dict['tools.sessions.on'] = True
+        options_dict['tools.sessions.timeout'] = 30 * 24 * 60 # 30 days
        cherrypy.tools.auth = cherrypy.Tool('before_handler', webauth.check_auth)

    if not options['http_root'] or options['http_root'] == '/':