diff --git a/src/dba/models/User.class.php b/src/dba/models/User.class.php
index ae49f9061..16c812510 100644
--- a/src/dba/models/User.class.php
+++ b/src/dba/models/User.class.php
@@ -72,7 +72,7 @@ static function getFeatures(): array {
 $dict['isComputedPassword'] = ['read_only' => True, "type" => "bool", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "isComputedPassword", "public" => False, "dba_mapping" => False];
 $dict['lastLoginDate'] = ['read_only' => True, "type" => "int64", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "lastLoginDate", "public" => False, "dba_mapping" => False];
 $dict['registeredSince'] = ['read_only' => True, "type" => "int64", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "registeredSince", "public" => False, "dba_mapping" => False];
- $dict['sessionLifetime'] = ['read_only' => False, "type" => "int", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => False, "private" => False, "alias" => "sessionLifetime", "public" => False, "dba_mapping" => False];
+ $dict['sessionLifetime'] = ['read_only' => False, "type" => "int", "subtype" => "unset", "choices" => "unset", "null" => True, "pk" => False, "protected" => False, "private" => False, "alias" => "sessionLifetime", "public" => False, "dba_mapping" => False];
 $dict['rightGroupId'] = ['read_only' => False, "type" => "int", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => False, "private" => False, "alias" => "globalPermissionGroupId", "public" => False, "dba_mapping" => False];
 $dict['yubikey'] = ['read_only' => True, "type" => "str(256)", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "yubikey", "public" => False, "dba_mapping" => False];
 $dict['otp1'] = ['read_only' => True, "type" => "str(256)", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "otp1", "public" => False, "dba_mapping" => False];
diff --git a/src/inc/apiv2/model/users.routes.php b/src/inc/apiv2/model/users.routes.php
index 917937ca1..f117f8ffe 100644
--- a/src/inc/apiv2/model/users.routes.php
+++ b/src/inc/apiv2/model/users.routes.php
@@ -86,6 +86,7 @@ protected function createObject($data): int {
 $data[User::RIGHT_GROUP_ID],
 $this->getCurrentUser(),
 $data[User::IS_VALID] ?? false,
+ $data[User::SESSION_LIFETIME] ?? 3600
 );
 return $user->getId();
@@ -95,6 +96,7 @@ function getAllPostParameters(array $features): array {
 $features = parent::getAllPostParameters($features);
 unset($features[User::IS_VALID]);
+ unset($features[User::SESSION_LIFETIME]);
 return $features;
 }
diff --git a/src/inc/utils/UserUtils.class.php b/src/inc/utils/UserUtils.class.php
index d6f7fcd78..824ac1f16 100644
--- a/src/inc/utils/UserUtils.class.php
+++ b/src/inc/utils/UserUtils.class.php
@@ -186,7 +186,7 @@ public static function setPassword($userId, $password, $adminUser) {
 * @throws HttpConflict
 * @throws HttpError
 */
- public static function createUser(string $username, string $email, int $rightGroupId, User $adminUser, bool $isValid = true): User {
+ public static function createUser(string $username, string $email, int $rightGroupId, User $adminUser, bool $isValid = true, int $session_lifetime=3600): User {
 $username = htmlentities($username, ENT_QUOTES, "UTF-8");
 $group = AccessControlUtils::getGroup($rightGroupId);
 if (!filter_var($email, FILTER_VALIDATE_EMAIL) || strlen($email) == 0) {
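Review bot: Marking `sessionLifetime` as `"null" => True` in `getFeatures()` (src/dba/models/User.class.php) while it stays writable (`'read_only' => False`) may let an API client store an explicit null in a value that `createUser()` types as `int`; whether the API layer honours this flag on updates is not visible here. The create path already makes the field optional through the `unset($features[User::SESSION_LIFETIME]);` added in `getAllPostParameters()`, so nullability may not be needed for that purpose. Consider keeping `"null" => False` here, or confirm that every reader of the stored session lifetime handles null. The body of `getFeatures()` starts and ends outside the hunk.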
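Review bot: The caller-supplied `$data[User::SESSION_LIFETIME]` in `createObject()` (src/inc/apiv2/model/users.routes.php) reaches `new User(...)` through `createUser()` with no range check, so an account can be created with a zero, negative or arbitrarily large session lifetime. A bound belongs in `UserUtils::createUser()` so every caller gets it, e.g. `if ($session_lifetime < MIN_SESSION_LIFETIME || $session_lifetime > MAX_SESSION_LIFETIME) { throw new HttpError("Invalid session lifetime!"); }`, where the two constants are placeholder names for limits the project would define. Because `getAllPostParameters()` also removes the field from the feature list, check that its type is still validated before it meets the `int` parameter. The literal `3600` now appears both here and as the default in `createUser()`; one named constant would keep them in step. `createObject()` starts and ends outside the hunk.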
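Review bot: The new parameter `int $session_lifetime=3600` of `createUser()` (src/inc/utils/UserUtils.class.php) is snake_case with no spaces around `=`, unlike `$rightGroupId`, `$adminUser` and `$isValid = true` in the same signature; `int $sessionLifetime = 3600` would match, with the `new User(...)` call in the hunk at -206 renamed accordingly. Only the tail of the docblock is visible (`@throws HttpConflict`, `@throws HttpError`), so if it documents parameters it should gain `@param int $sessionLifetime session lifetime in seconds`. The unit is presumably seconds, given the hard-coded 3600 it replaces, and is worth stating since the value controls how long a login stays valid. The function body continues outside the hunk.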
@@ -206,7 +206,7 @@ public static function createUser(string $username, string $email, int $rightGro
 $newPass = Util::randomString(10);
 $newSalt = Util::randomString(20);
 $newHash = Encryption::passwordHash($newPass, $newSalt);
- $user = new User(null, $username, $email, $newHash, $newSalt, $isValid ? 1: 0, 1, 0, time(), 3600, $group->getId(), 0, "", "", "", "");
+ $user = new User(null, $username, $email, $newHash, $newSalt, $isValid ? 1: 0, 1, 0, time(), $session_lifetime, $group->getId(), 0, "", "", "", "");
 Factory::getUserFactory()->save($user);
 // add user to default group