From cddacfbb780a3b2bfadb46f3de59b656afa06f20 Mon Sep 17 00:00:00 2001
From: Bradley Schofield
Date: Tue, 1 Nov 2022 14:43:18 +0000
Subject: [PATCH] Handle Eldad's Comments
---
 app/config/collections.php | 2 +-
 app/controllers/api/account.php | 20 +++++++++----------
 app/controllers/api/projects.php | 13 ++++++------
 app/controllers/api/teams.php | 4 ++--
 app/init.php | 2 +-
 .../Utopia/Response/Model/Project.php | 2 +-
 tests/e2e/Scopes/ProjectCustom.php | 2 +-
 .../Projects/ProjectsConsoleClientTest.php | 8 ++++----
 8 files changed, 26 insertions(+), 27 deletions(-)
diff --git a/app/config/collections.php b/app/config/collections.php
index 7f51d9412c..5fd6c7cc2b 100644
--- a/app/config/collections.php
+++ b/app/config/collections.php
@@ -634,7 +634,7 @@ $collections = [
 'filters' => [],
 ],
 [
- '$id' => ID::custom('sessionDuration'),
+ '$id' => ID::custom('authDuration'),
 'type' => Database::VAR_INTEGER,
 'format' => '',
 'size' => 32,
diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php
index ff0461f2f8..55fd522fc3 100644
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@@ -186,11 +186,11 @@ App::post('/v1/account/sessions/email')
 throw new Exception(Exception::USER_BLOCKED); // User is in status blocked
 }
- $sessionDuration = ($project->getAttribute('sessionDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
+ $duration = ($project->getAttribute('authDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
 $detector = new Detector($request->getUserAgent('UNKNOWN'));
 $record = $geodb->get($request->getIP());
- $expire = DateTime::addSeconds(new \DateTime(), $sessionDuration);
+ $expire = DateTime::addSeconds(new \DateTime(), $duration);
 $secret = Auth::tokenGenerator();
 $session = new Document(array_merge(
 [
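Review bot: The `?? Auth::TOKEN_EXPIRATION_LOGIN_LONG` fallback on the new `$duration` line can never apply, because its left operand is the product `getAttribute('authDuration', 0) * 60`, which is a number and never null. A project document without the attribute therefore gets a duration of 0 and an `$expire` equal to the creation time, so the session is expired as soon as it is issued instead of receiving the long default. Moving the fallback into the default argument fixes that: `$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG / 60) * 60;`. The same line is repeated in the oauth2, magic-url, phone and anonymous session hunks of account.php and, as `$authDuration`, in teams.php, so one shared helper would keep the six copies from drifting. The enclosing action bodies start and end outside these hunks.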
@@ -528,11 +528,11 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
 }
 // Create session token, verify user account and update OAuth2 ID and Access Token
- $sessionDuration = ($project->getAttribute('sessionDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
+ $duration = ($project->getAttribute('authDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
 $detector = new Detector($request->getUserAgent('UNKNOWN'));
 $record = $geodb->get($request->getIP());
 $secret = Auth::tokenGenerator();
- $expire = DateTime::addSeconds(new \DateTime(), $sessionDuration);
+ $expire = DateTime::addSeconds(new \DateTime(), $duration);
 $session = new Document(array_merge([
 '$id' => ID::unique(),
@@ -783,11 +783,11 @@ App::put('/v1/account/sessions/magic-url')
 throw new Exception(Exception::USER_INVALID_TOKEN);
 }
- $sessionDuration = ($project->getAttribute('sessionDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
+ $duration = ($project->getAttribute('authDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
 $detector = new Detector($request->getUserAgent('UNKNOWN'));
 $record = $geodb->get($request->getIP());
 $secret = Auth::tokenGenerator();
- $expire = DateTime::addSeconds(new \DateTime(), $sessionDuration);
+ $expire = DateTime::addSeconds(new \DateTime(), $duration);
 $session = new Document(array_merge(
 [
@@ -1020,11 +1020,11 @@ App::put('/v1/account/sessions/phone')
 throw new Exception(Exception::USER_INVALID_TOKEN);
 }
- $sessionDuration = ($project->getAttribute('sessionDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
+ $duration = ($project->getAttribute('authDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
 $detector = new Detector($request->getUserAgent('UNKNOWN'));
 $record = $geodb->get($request->getIP());
 $secret = Auth::tokenGenerator();
- $expire = DateTime::addSeconds(new \DateTime(), $sessionDuration);
+ $expire = DateTime::addSeconds(new \DateTime(), $duration);
 $session = new Document(array_merge(
 [
@@ -1172,11 +1172,11 @@ App::post('/v1/account/sessions/anonymous')
 ])));
 // Create session token
- $sessionDuration = ($project->getAttribute('sessionDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
+ $duration = ($project->getAttribute('authDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
 $detector = new Detector($request->getUserAgent('UNKNOWN'));
 $record = $geodb->get($request->getIP());
 $secret = Auth::tokenGenerator();
- $expire = DateTime::addSeconds(new \DateTime(), $sessionDuration);
+ $expire = DateTime::addSeconds(new \DateTime(), $duration);
 $session = new Document(array_merge(
 [
diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php
index d1ffcc4964..d1ffff3aa2 100644
--- a/app/controllers/api/projects.php
+++ b/app/controllers/api/projects.php
@@ -68,11 +68,10 @@ App::post('/v1/projects')
 ->param('legalCity', '', new Text(256), 'Project legal City. Max length: 256 chars.', true)
 ->param('legalAddress', '', new Text(256), 'Project legal Address. Max length: 256 chars.', true)
 ->param('legalTaxId', '', new Text(256), 'Project legal Tax ID. Max length: 256 chars.', true)
- ->param('sessionDuration', 525600, new Integer(), 'Session duration in minutes. Defaults to 1 year', true)
 ->inject('response')
 ->inject('dbForConsole')
 ->inject('dbForProject')
- ->action(function (string $projectId, string $name, string $teamId, string $description, string $logo, string $url, string $legalName, string $legalCountry, string $legalState, string $legalCity, string $legalAddress, string $legalTaxId, int $sessionDuration, Response $response, Database $dbForConsole, Database $dbForProject) {
+ ->action(function (string $projectId, string $name, string $teamId, string $description, string $logo, string $url, string $legalName, string $legalCountry, string $legalState, string $legalCity, string $legalAddress, string $legalTaxId, Response $response, Database $dbForConsole, Database $dbForProject) {
 $team = $dbForConsole->getDocument('teams', $teamId);
@@ -114,7 +113,7 @@ App::post('/v1/projects')
 'legalCity' => $legalCity,
 'legalAddress' => $legalAddress,
 'legalTaxId' => ID::custom($legalTaxId),
- 'sessionDuration' => $sessionDuration,
+ 'authDuration' => Auth::TOKEN_EXPIRATION_LOGIN_LONG / 60,
 'services' => new stdClass(),
 'platforms' => null,
 'authProviders' => [],
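Review bot: `'authDuration' => Auth::TOKEN_EXPIRATION_LOGIN_LONG / 60` in the `@@ -114` hunk uses `/`, which returns a float whenever the constant is not an exact multiple of 60, while collections.php declares the attribute as `Database::VAR_INTEGER`. `'authDuration' => intdiv(Auth::TOKEN_EXPIRATION_LOGIN_LONG, 60),` keeps the stored value an integer regardless of the constant's value. This is also the first use of `Auth` visible in projects.php and the file's `use` lines are outside the hunk, so the import should be confirmed. A short comment saying that the attribute is stored in minutes while the constant is used as seconds would explain the division.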
@@ -377,10 +376,10 @@ App::patch('/v1/projects/:projectId')
 ->param('legalCity', '', new Text(256), 'Project legal city. Max length: 256 chars.', true)
 ->param('legalAddress', '', new Text(256), 'Project legal address. Max length: 256 chars.', true)
 ->param('legalTaxId', '', new Text(256), 'Project legal tax ID. Max length: 256 chars.', true)
- ->param('sessionDuration', 525600, new Integer(true), 'Project session length in minutes. Max length: 525600 minutes.', true)
+ ->param('authDuration', 525600, new Integer(true), 'Project session length in minutes. Max length: 525600 minutes.', true)
 ->inject('response')
 ->inject('dbForConsole')
- ->action(function (string $projectId, string $name, string $description, string $logo, string $url, string $legalName, string $legalCountry, string $legalState, string $legalCity, string $legalAddress, string $legalTaxId, int $sessionDuration, Response $response, Database $dbForConsole) {
+ ->action(function (string $projectId, string $name, string $description, string $logo, string $url, string $legalName, string $legalCountry, string $legalState, string $legalCity, string $legalAddress, string $legalTaxId, int $authDuration, Response $response, Database $dbForConsole) {
 $project = $dbForConsole->getDocument('projects', $projectId);
@@ -388,7 +387,7 @@ App::patch('/v1/projects/:projectId')
 throw new Exception(Exception::PROJECT_NOT_FOUND);
 }
- if ($sessionDuration < 0 || $sessionDuration > 525600) {
+ if ($authDuration < 0 || $authDuration > 525600) {
 throw new Exception('Session length must be between 0 and 525600 minutes');
 }
@@ -403,7 +402,7 @@ App::patch('/v1/projects/:projectId')
 ->setAttribute('legalCity', $legalCity)
 ->setAttribute('legalAddress', $legalAddress)
 ->setAttribute('legalTaxId', $legalTaxId)
- ->setAttribute('sessionDuration', $sessionDuration)
+ ->setAttribute('authDuration', $authDuration)
 ->setAttribute('search', implode(' ', [$projectId, $name])));
 $response->dynamic($project, Response::MODEL_PROJECT);
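Review bot: The range check in the `@@ -388` hunk accepts `0`, and the session endpoints compute expiry as `authDuration * 60` seconds from now, so a project saved with 0 would issue sessions that are already expired. Unless 0 is meant as a sentinel, the lower bound should be 1: `if ($authDuration < 1 || $authDuration > 525600) {`. The throw on the following line passes a free-text message where the neighbouring throw uses a typed constant (`Exception::PROJECT_NOT_FOUND`), so the error type and status returned to the client may not be the intended one; the Exception class is not shown here, so this needs checking against it. The literal 525600 appears in the param default, its description and this check, and could be derived once from `Auth::TOKEN_EXPIRATION_LOGIN_LONG`.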
diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php
index 54e2bb37f5..a537054edb 100644
--- a/app/controllers/api/teams.php
+++ b/app/controllers/api/teams.php
@@ -732,8 +732,8 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
 $detector = new Detector($request->getUserAgent('UNKNOWN'));
 $record = $geodb->get($request->getIP());
- $sessionDuration = ($project->getAttribute('sessionDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
- $expire = DateTime::addSeconds(new \DateTime(), $sessionDuration);
+ $authDuration = ($project->getAttribute('authDuration', 0) * 60) ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
+ $expire = DateTime::addSeconds(new \DateTime(), $authDuration);
 $secret = Auth::tokenGenerator();
 $session = new Document(array_merge([
 '$id' => ID::unique(),
diff --git a/app/init.php b/app/init.php
index 93546075ba..6c9b9c97da 100644
--- a/app/init.php
+++ b/app/init.php
@@ -917,7 +917,7 @@ App::setResource('console', function () {
 'legalCity' => '',
 'legalAddress' => '',
 'legalTaxId' => '',
- 'sessionDuration' => 525600, // 1 Year in minutes
+ 'authDuration' => 525600, // 1 Year in minutes
 'auths' => [
 'limit' => (App::getEnv('_APP_CONSOLE_WHITELIST_ROOT', 'enabled') === 'enabled') ? 1 : 0, // limit signup to 1 user
 ],
diff --git a/src/Appwrite/Utopia/Response/Model/Project.php b/src/Appwrite/Utopia/Response/Model/Project.php
index bb04761627..4338aa68dc 100644
--- a/src/Appwrite/Utopia/Response/Model/Project.php
+++ b/src/Appwrite/Utopia/Response/Model/Project.php
@@ -101,7 +101,7 @@ class Project extends Model
 'default' => '',
 'example' => '131102020',
 ])
- ->addRule('sessionDuration', [
+ ->addRule('authDuration', [
 'type' => self::TYPE_STRING,
 'description' => 'Session duration in minutes.',
 'default' => '',
diff --git a/tests/e2e/Scopes/ProjectCustom.php b/tests/e2e/Scopes/ProjectCustom.php
index 8652889553..33e1820a67 100644
--- a/tests/e2e/Scopes/ProjectCustom.php
+++ b/tests/e2e/Scopes/ProjectCustom.php
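Review bot: The `authDuration` rule in Model/Project.php still declares `'type' => self::TYPE_STRING` with `'default' => ''`, although collections.php defines the attribute as `Database::VAR_INTEGER` and the e2e tests compare it with integers. API documentation and generated clients would describe the field as a string; `'type' => self::TYPE_INTEGER,` with an integer default matches what the endpoint returns. The rule array continues past the end of the hunk, so its `example` entry is not visible and should be checked as well.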
@@ -53,7 +53,7 @@ trait ProjectCustom
 'legalCity' => '',
 'legalAddress' => '',
 'legalTaxId' => '',
- 'sessionDuration' => 525600
+ 'authDuration' => 525600
 ]);
 $this->assertEquals(201, $project['headers']['status-code']);
diff --git a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php
index b997acf07f..4d9692745e 100644
--- a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php
+++ b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php
@@ -396,7 +396,7 @@ class ProjectsConsoleClientTest extends Scope
 }
 /** @depends testGetProjectUsage */
- public function testUpdateProjectSessionDuration($data): array
+ public function testUpdateProjectAuthDuration($data): array
 {
 $id = $data['projectId'];
@@ -409,7 +409,7 @@ class ProjectsConsoleClientTest extends Scope
 ], $this->getHeaders()), [
 'projectId' => ID::unique(),
 'name' => 'Project Test 2',
- 'sessionDuration' => '1', // Set session duration to 1 minute
+ 'authDuration' => '1', // Set session duration to 1 minute
 ]);
 $this->assertEquals(200, $response['headers']['status-code']);
@@ -418,7 +418,7 @@ class ProjectsConsoleClientTest extends Scope
 $this->assertArrayHasKey('platforms', $response['body']);
 $this->assertArrayHasKey('webhooks', $response['body']);
 $this->assertArrayHasKey('keys', $response['body']);
- $this->assertEquals(1, $response['body']['sessionDuration']);
+ $this->assertEquals(1, $response['body']['authDuration']);
 $projectId = $response['body']['$id'];
@@ -490,7 +490,7 @@ class ProjectsConsoleClientTest extends Scope
 ], $this->getHeaders()));
 $this->assertEquals(200, $response['headers']['status-code']);
- $this->assertEquals(525600, $response['body']['authDuration']); // 1 Year
+ $this->assertEquals(525600, $response['body']['authDuration']); // 1 Year
 return ['projectId' => $projectId];
 }
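Review bot: `testUpdateProjectAuthDuration` only sends accepted values (`'1'`, then the 525600 default), so the bounds check on the PATCH endpoint has no coverage. A case that sends `-1` and `525601` and asserts that the request is rejected would pin the limit that caps session lifetime. Separately, the ProjectCustom.php hunk still sends `'authDuration' => 525600` in what appears to be the project-create request, while this commit removes that parameter from `POST /v1/projects`; the key looks like a leftover and can be dropped if the endpoint ignores it.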