From d18f9d3b0e4f16c3ec6e2f41ff567e0e2891bbf0 Mon Sep 17 00:00:00 2001 From: "Jannis M. Hoffmann" Date: Fri, 1 Nov 2024 23:31:03 +0100 Subject: refresh session timeout on access --- README.md | 2 +- src/jwebmail/__init__.py | 2 +- src/jwebmail/read_mails.py | 11 +++++++++-- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 2fd628c..cd60505 100644 --- a/README.md +++ b/README.md @@ -21,4 +21,4 @@ That's it. (user VARCHAR(64) PRIMARY KEY, password VARCHAR(255), timeout TIMESTAMP(2) NOT NULL); -4. Grant privileges to the user jwebmail for the above table for at least SELECT, INSERT and DELETE +4. Grant privileges to the user jwebmail for the above table for at least SELECT, INSERT, UPDATE and DELETE diff --git a/src/jwebmail/__init__.py b/src/jwebmail/__init__.py index dd1335c..631215b 100644 --- a/src/jwebmail/__init__.py +++ b/src/jwebmail/__init__.py @@ -36,7 +36,7 @@ else: toml_read_file = dict(load=toml_load, text=True) -__version__ = "2.3.0.dev2" +__version__ = "2.3.0.dev3" csrf = CSRFProtect() diff --git a/src/jwebmail/read_mails.py b/src/jwebmail/read_mails.py index 01252ee..44eba8d 100644 --- a/src/jwebmail/read_mails.py +++ b/src/jwebmail/read_mails.py @@ -61,11 +61,18 @@ class MysqlTimeoutSession: cur.execute("DELETE FROM session WHERE timeout < NOW()") cur.execute("SELECT password FROM session WHERE user = %s", [key]) row = cur.fetchone() - self.conn.commit() - cur.close() + if row is None: + self.conn.commit() + cur.close() return None else: + timeout = datetime.now() + timedelta(seconds=self.timeout) + cur.execute( + "UPDATE session SET timeout = %s WHERE user = %s", [timeout, key] + ) + self.conn.commit() + cur.close() return row[0] -- cgit v1.2.3