93 lines
3.4 KiB
PHP
Executable File
93 lines
3.4 KiB
PHP
Executable File
<?php
|
|
|
|
namespace App\Http\Controllers\Api;
|
|
|
|
use App\Config\SessionTimeout;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
|
|
class SessionController extends BaseApiController
|
|
{
|
|
public function getTimeoutConfig()
|
|
{
|
|
try {
|
|
return $this->success([
|
|
'timeout' => SessionTimeout::TIMEOUT_DURATION,
|
|
'warning_time' => SessionTimeout::WARNING_THRESHOLD,
|
|
'check_interval' => SessionTimeout::CHECK_INTERVAL,
|
|
'logout_url' => '/api/v1/logout',
|
|
'keep_alive_url' => '/api/v1/session/ping',
|
|
'check_url' => '/api/v1/session/check',
|
|
], 'Timeout configuration retrieved successfully');
|
|
} catch (\Throwable $e) {
|
|
log_message('error', 'Timeout config error: ' . $e->getMessage());
|
|
return $this->respondError('Failed to retrieve timeout configuration', Response::HTTP_INTERNAL_SERVER_ERROR);
|
|
}
|
|
}
|
|
|
|
public function checkTimeout()
|
|
{
|
|
$user = $this->getCurrentUser();
|
|
if (!$user) {
|
|
return $this->respondError('Session expired', Response::HTTP_UNAUTHORIZED);
|
|
}
|
|
|
|
try {
|
|
$session = session();
|
|
if (!$session->has('last_activity')) {
|
|
return $this->respondError('Session expired', Response::HTTP_UNAUTHORIZED);
|
|
}
|
|
|
|
$lastActivity = (int) $session->get('last_activity');
|
|
$elapsed = time() - $lastActivity;
|
|
|
|
if ($elapsed > SessionTimeout::TIMEOUT_DURATION) {
|
|
$session->invalidate();
|
|
return $this->respondError('Session expired', Response::HTTP_UNAUTHORIZED);
|
|
}
|
|
|
|
if ($elapsed > SessionTimeout::WARNING_THRESHOLD) {
|
|
return $this->success([
|
|
'status' => 'warning',
|
|
'time_remaining' => SessionTimeout::TIMEOUT_DURATION - $elapsed,
|
|
], 'Session warning');
|
|
}
|
|
|
|
return $this->success([
|
|
'status' => 'active',
|
|
'time_remaining' => SessionTimeout::TIMEOUT_DURATION - $elapsed,
|
|
], 'Session active');
|
|
} catch (\Throwable $e) {
|
|
log_message('error', 'Session check error: ' . $e->getMessage());
|
|
return $this->respondError('Failed to check session', Response::HTTP_INTERNAL_SERVER_ERROR);
|
|
}
|
|
}
|
|
|
|
public function pingActivity()
|
|
{
|
|
$user = $this->getCurrentUser();
|
|
if (!$user) {
|
|
return $this->respondError('Session expired', Response::HTTP_UNAUTHORIZED);
|
|
}
|
|
|
|
try {
|
|
$session = session();
|
|
$lastActivity = (int) ($session->get('last_activity') ?? 0);
|
|
|
|
if (!$lastActivity || (time() - $lastActivity > SessionTimeout::TIMEOUT_DURATION)) {
|
|
$session->invalidate();
|
|
return $this->respondError('Session expired', Response::HTTP_UNAUTHORIZED);
|
|
}
|
|
|
|
$session->put('last_activity', time());
|
|
|
|
return $this->success([
|
|
'status' => 'active',
|
|
'time_remaining' => SessionTimeout::TIMEOUT_DURATION,
|
|
], 'Session activity updated');
|
|
} catch (\Throwable $e) {
|
|
log_message('error', 'Session ping error: ' . $e->getMessage());
|
|
return $this->respondError('Failed to update session activity', Response::HTTP_INTERNAL_SERVER_ERROR);
|
|
}
|
|
}
|
|
}
|