Auto-renew cookie (#3287)

#fix https://github.com/FreshRSS/FreshRSS/issues/3169#issuecomment-685983797
Supplement https://github.com/FreshRSS/FreshRSS/pull/3170

When we get the long-term login cookie (i.e. when starting a new session), renew it at the same time for the same duration

1 files changed, 18 insertions, 6 deletions

diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 0d45da6ed..fbce4c48b 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -271,7 +271,23 @@ class FreshRSS_FormAuth {
 		}
 
 		$credentials = @file_get_contents($token_file);
-		return $credentials === false ? array() : explode("\t", $credentials, 2);
+		if ($credentials !== false && self::renewCookie($token)) {
+			return explode("\t", $credentials, 2);
+		}
+		return [];
+	}
+
+	private static function renewCookie($token) {
+		$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
+		if (touch($token_file)) {
+			$conf = Minz_Configuration::get('system');
+			$limits = $conf->limits;
+			$cookie_duration = empty($limits['cookie_duration']) ? FreshRSS_Auth::DEFAULT_COOKIE_DURATION : $limits['cookie_duration'];
+			$expire = time() + $cookie_duration;
+			Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
+			return $token;
+		}
+		return false;
 	}
 
 	public static function makeCookie($username, $password_hash) {
@@ -285,11 +301,7 @@ class FreshRSS_FormAuth {
 			return false;
 		}
 
-		$limits = $conf->limits;
-		$cookie_duration = empty($limits['cookie_duration']) ? FreshRSS_Auth::DEFAULT_COOKIE_DURATION : $limits['cookie_duration'];
-		$expire = time() + $cookie_duration;
-		Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
-		return $token;
+		return self::renewCookie($token);
 	}
 
 	public static function deleteCookie() {