From faac303effadc2ef22d0e5100022418ad8c9c947 Mon Sep 17 00:00:00 2001
From: Deluan <deluan@deluan.com>
Date: Wed, 18 Mar 2020 20:16:18 -0400
Subject: [PATCH] feat: allow session timeout to be configurable. closes #101

---
 conf/configuration.go | 13 +++++++------
 consts/consts.go      |  6 +++---
 engine/auth/auth.go   | 23 +++++++++++++++++++----
 3 files changed, 29 insertions(+), 13 deletions(-)

diff --git a/conf/configuration.go b/conf/configuration.go
index 84ce7ffbf..c4202f409 100644
--- a/conf/configuration.go
+++ b/conf/configuration.go
@@ -13,12 +13,13 @@ import (
 )
 
 type nd struct {
-	Port         string `default:"4533"`
-	MusicFolder  string `default:"./music"`
-	DataFolder   string `default:"./"`
-	ScanInterval string `default:"1m"`
-	DbPath       string
-	LogLevel     string `default:"info"`
+	Port           string `default:"4533"`
+	MusicFolder    string `default:"./music"`
+	DataFolder     string `default:"./"`
+	ScanInterval   string `default:"1m"`
+	DbPath         string ``
+	LogLevel       string `default:"info"`
+	SessionTimeout string `default:"30s"`
 
 	IgnoredArticles string `default:"The El La Los Las Le Les Os As O A"`
 	IndexGroups     string `default:"A B C D E F G H I J K L M N O P Q R S T U V W X-Z(XYZ) [Unknown]([)"`
diff --git a/consts/consts.go b/consts/consts.go
index a8ef159ac..b85f9a016 100644
--- a/consts/consts.go
+++ b/consts/consts.go
@@ -9,9 +9,9 @@ const (
 	DefaultDbPath       = "navidrome.db?cache=shared&_busy_timeout=15000&_journal_mode=WAL"
 	InitialSetupFlagKey = "InitialSetup"
 
-	JWTSecretKey       = "JWTSecret"
-	JWTIssuer          = "ND"
-	JWTTokenExpiration = 30 * time.Minute
+	JWTSecretKey          = "JWTSecret"
+	JWTIssuer             = "ND"
+	DefaultSessionTimeout = 30 * time.Minute
 
 	UIAssetsLocalPath = "ui/build"
 
diff --git a/engine/auth/auth.go b/engine/auth/auth.go
index 4ca5c86f7..4c8db1a02 100644
--- a/engine/auth/auth.go
+++ b/engine/auth/auth.go
@@ -5,6 +5,7 @@ import (
 	"sync"
 	"time"
 
+	"github.com/deluan/navidrome/conf"
 	"github.com/deluan/navidrome/consts"
 	"github.com/deluan/navidrome/log"
 	"github.com/deluan/navidrome/model"
@@ -13,9 +14,10 @@ import (
 )
 
 var (
-	once      sync.Once
-	JwtSecret []byte
-	TokenAuth *jwtauth.JWTAuth
+	once           sync.Once
+	JwtSecret      []byte
+	TokenAuth      *jwtauth.JWTAuth
+	sessionTimeOut time.Duration
 )
 
 func InitTokenAuth(ds model.DataStore) {
@@ -39,8 +41,21 @@ func CreateToken(u *model.User) (string, error) {
 	return TouchToken(token)
 }
 
+func getSessionTimeOut() time.Duration {
+	if sessionTimeOut == 0 {
+		if to, err := time.ParseDuration(conf.Server.SessionTimeout); err != nil {
+			sessionTimeOut = consts.DefaultSessionTimeout
+		} else {
+			sessionTimeOut = to
+		}
+		log.Info("Setting Session Timeout", "value", sessionTimeOut)
+	}
+	return sessionTimeOut
+}
+
 func TouchToken(token *jwt.Token) (string, error) {
-	expireIn := time.Now().Add(consts.JWTTokenExpiration).Unix()
+	timeout := getSessionTimeOut()
+	expireIn := time.Now().Add(timeout).Unix()
 	claims := token.Claims.(jwt.MapClaims)
 	claims["exp"] = expireIn