Merge pull request #1397 from Alkarex/cookieDuration

Option for cookie duration

13 files changed, 25 insertions, 12 deletions

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ff2312c6b..fa883a7fa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@
 * Features
 	* Add git compatibility in Web update system [#1357](https://github.com/FreshRSS/FreshRSS/issues/1357)
 		* Requires that the initial installation is done with git
+	* New option `limits.cookie_duration` in `data/config.php` to set the login cookie duration [#1384](https://github.com/FreshRSS/FreshRSS/issues/1384)
 * SQL
 	* More robust export function in the case of large datasets [#1372](https://github.com/FreshRSS/FreshRSS/issues/1372)
 * CLI
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index 9decba431..1398e4e49 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -113,6 +113,10 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
 		$file_mtime = @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js');
 		Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . $file_mtime));
 
+		$conf = Minz_Configuration::get('system');
+		$limits = $conf->limits;
+		$this->view->cookie_days = round($limits['cookie_duration'] / 86400, 1);
+
 		if (Minz_Request::isPost()) {
 			$nonce = Minz_Session::param('nonce');
 			$username = Minz_Request::param('username', '');
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 3313fdf3f..042210eaf 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -219,8 +219,8 @@ class FreshRSS_FormAuth {
 	}
 
 	public static function makeCookie($username, $password_hash) {
+		$conf = Minz_Configuration::get('system');
 		do {
-			$conf = Minz_Configuration::get('system');
 			$token = sha1($conf->salt . $username . uniqid(mt_rand(), true));
 			$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
 		} while (file_exists($token_file));
@@ -229,7 +229,9 @@ class FreshRSS_FormAuth {
 			return false;
 		}
 
-		$expire = time() + 2629744;	//1 month	//TODO: Use a configuration instead
+		$limits = $conf->limits;
+		$cookie_duration = empty($limits['cookie_duration']) ? 2629744 : $limits['cookie_duration'];
+		$expire = time() + $cookie_duration;
 		Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
 		return $token;
 	}
@@ -247,7 +249,10 @@ class FreshRSS_FormAuth {
 	}
 
 	public static function purgeTokens() {
-		$oldest = time() - 2629744;	// 1 month	// TODO: Use a configuration instead
+		$conf = Minz_Configuration::get('system');
+		$limits = $conf->limits;
+		$cookie_duration = empty($limits['cookie_duration']) ? 2629744 : $limits['cookie_duration'];
+		$oldest = time() - $cookie_duration;
 		foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $file_info) {
 			// $extension = $file_info->getExtension(); doesn't work in PHP < 5.3.7
 			$extension = pathinfo($file_info->getFilename(), PATHINFO_EXTENSION);
diff --git a/app/i18n/cz/gen.php b/app/i18n/cz/gen.php
index e73325c55..3db3a31da 100644
--- a/app/i18n/cz/gen.php
+++ b/app/i18n/cz/gen.php
@@ -22,7 +22,7 @@ return array(
 	),
 	'auth' => array(
 		'email' => 'Email',
-		'keep_logged_in' => 'Zapamatovat přihlášení <small>(1 měsíc)</small>',
+		'keep_logged_in' => 'Zapamatovat přihlášení <small>(%s dny)</small>',
 		'login' => 'Login',
 		'logout' => 'Odhlášení',
 		'password' =>  array(
diff --git a/app/i18n/de/gen.php b/app/i18n/de/gen.php
index c6e7f1ef3..c73aedbfe 100644
--- a/app/i18n/de/gen.php
+++ b/app/i18n/de/gen.php
@@ -22,7 +22,7 @@ return array(
 	),
 	'auth' => array(
 		'email' => 'E-Mail-Adresse',
-		'keep_logged_in' => 'Eingeloggt bleiben <small>(1 Monat)</small>',
+		'keep_logged_in' => 'Eingeloggt bleiben <small>(%s Tage)</small>',
 		'login' => 'Anmelden',
 		'logout' => 'Abmelden',
 		'password' => array(
diff --git a/app/i18n/en/gen.php b/app/i18n/en/gen.php
index 17b47ba2f..3f86cfd19 100644
--- a/app/i18n/en/gen.php
+++ b/app/i18n/en/gen.php
@@ -22,7 +22,7 @@ return array(
 	),
 	'auth' => array(
 		'email' => 'Email address',
-		'keep_logged_in' => 'Keep me logged in <small>(1 month)</small>',
+		'keep_logged_in' => 'Keep me logged in <small>(%s days)</small>',
 		'login' => 'Login',
 		'logout' => 'Logout',
 		'password' => array(
diff --git a/app/i18n/fr/gen.php b/app/i18n/fr/gen.php
index d61a716a7..b5dc098ae 100644
--- a/app/i18n/fr/gen.php
+++ b/app/i18n/fr/gen.php
@@ -22,7 +22,7 @@ return array(
 	),
 	'auth' => array(
 		'email' => 'Adresse courriel',
-		'keep_logged_in' => 'Rester connecté <small>(1 mois)</small>',
+		'keep_logged_in' => 'Rester connecté <small>(%s jours)</small>',
 		'login' => 'Connexion',
 		'logout' => 'Déconnexion',
 		'password' => array(
diff --git a/app/i18n/it/gen.php b/app/i18n/it/gen.php
index c02ddd13a..a9a8709d3 100644
--- a/app/i18n/it/gen.php
+++ b/app/i18n/it/gen.php
@@ -22,7 +22,7 @@ return array(
 	),
 	'auth' => array(
 		'email' => 'Indirizzo email',
-		'keep_logged_in' => 'Ricorda i dati <small>(1 mese)</small>',
+		'keep_logged_in' => 'Ricorda i dati <small>(%s giorni)</small>',
 		'login' => 'Accedi',
 		'logout' => 'Esci',
 		'password' => array(
diff --git a/app/i18n/nl/gen.php b/app/i18n/nl/gen.php
index 7e03229c9..83811ce68 100644
--- a/app/i18n/nl/gen.php
+++ b/app/i18n/nl/gen.php
@@ -22,7 +22,7 @@ return array(
 	),
 	'auth' => array(
 		'email' => 'Email adres',
-		'keep_logged_in' => 'Ingelogd blijven voor <small>(1 maand)</small>',
+		'keep_logged_in' => 'Ingelogd blijven voor <small>(%s dagen)</small>',
 		'login' => 'Log in',
 		'logout' => 'Log uit',
 		'password' => array(
diff --git a/app/i18n/ru/gen.php b/app/i18n/ru/gen.php
index eecd72749..bc42afaa8 100644
--- a/app/i18n/ru/gen.php
+++ b/app/i18n/ru/gen.php
@@ -22,7 +22,7 @@ return array(
 	),
 	'auth' => array(
 		'email' => 'Email address',
-		'keep_logged_in' => 'Keep me logged in <small>(1 month)</small>',
+		'keep_logged_in' => 'Keep me logged in <small>(%s дней)</small>',
 		'login' => 'Login',
 		'logout' => 'Logout',
 		'password' => array(
diff --git a/app/i18n/tr/gen.php b/app/i18n/tr/gen.php
index 865dbd4e2..bcc839daf 100644
--- a/app/i18n/tr/gen.php
+++ b/app/i18n/tr/gen.php
@@ -22,7 +22,7 @@ return array(
 	),
 	'auth' => array(
 		'email' => 'Email adresleri',
-		'keep_logged_in' => '<small>(1 ay)</small> oturumu açık tut',
+		'keep_logged_in' => '<small>(%s günler)</small> oturumu açık tut',
 		'login' => 'Giriş',
 		'logout' => 'Çıkış',
 		'password' => array(
diff --git a/app/views/auth/formLogin.phtml b/app/views/auth/formLogin.phtml
index 4bbc8ed55..a8213b7ae 100644
--- a/app/views/auth/formLogin.phtml
+++ b/app/views/auth/formLogin.phtml
@@ -20,7 +20,7 @@
 		<div>
 			<label class="checkbox" for="keep_logged_in">
 				<input type="checkbox" name="keep_logged_in" id="keep_logged_in" value="1" />
-				<?php echo _t('gen.auth.keep_logged_in'); ?>
+				<?php echo _t('gen.auth.keep_logged_in', $this->cookie_days); ?>
 			</label>
 			<br />
 		</div>
diff --git a/data/config.default.php b/data/config.default.php
index 8b07b85cd..433207a9c 100644
--- a/data/config.default.php
+++ b/data/config.default.php
@@ -74,6 +74,9 @@ return array(
 
 	'limits' => array(
 
+		# Duration in seconds of the login cookie.
+		'cookie_duration' => 2592000,
+
 		# Duration in seconds of the SimplePie cache,
 		#	during which a query to the RSS feed will return the local cached version.
 		# Especially important for multi-user setups.