feat: configurable timings

2 months ago · a04c5b062e
parent a99045a034
commit a04c5b062e
9 changed files with 54 additions and 21 deletions
--- a/.config/misso.yml.example
+++ b/.config/misso.yml.example
@ -7,3 +7,8 @@ misskey:
    secret: ""
 hydra:
  admin_url: "http://localhost:4445"
+time:
+  request_valid: 3600
+  login_remember: 600
+  consent_remember: 0
+  userinfo_cache: 3600
--- a/consts/time.go
+++ b/consts/time.go
@ -1,12 +1,10 @@
 package consts

-import "time"
-
 const (
-	TIME_REQUEST_VALID = 1 * time.Hour
+	TIME_DEFAULT_REQUEST_VALID = 3600 // 1 Hour

-	TIME_LOGIN_REMEMBER   = 10 * time.Minute
-	TIME_CONSENT_REMEMBER = 0 // Forever
+	TIME_DEFAULT_LOGIN_REMEMBER   = 600 // 10 Minute
+	TIME_DEFAULT_CONSENT_REMEMBER = 0   // Forever

-	TIME_USERINFO_CACHE = 1 * time.Hour
+	TIME_DEFAULT_USERINFO_CACHE = 3600 // 1 Hour
 )
--- a/handlers/consent/consent_check.go
+++ b/handlers/consent/consent_check.go
@ -5,10 +5,12 @@ import (
 	"fmt"
 	"github.com/gin-gonic/gin"
 	client "github.com/ory/hydra-client-go/v2"
+	"misso/config"
 	"misso/consts"
 	"misso/global"
 	"misso/utils"
 	"net/http"
+	"time"
 )

 func ConsentCheck(ctx *gin.Context) {
@ -57,7 +59,7 @@ func ConsentCheck(ctx *gin.Context) {
 		global.Logger.Debugf("Generating CSRF token...")
 		csrf := utils.RandString(32)
 		sessKey := fmt.Sprintf(consts.REDIS_KEY_CONSENT_CSRF, oauth2challenge)
-		err := global.Redis.Set(context.Background(), sessKey, csrf, consts.TIME_REQUEST_VALID).Err()
+		err := global.Redis.Set(context.Background(), sessKey, csrf, time.Duration(config.Config.Time.RequestValid)*time.Second).Err()
 		if err != nil {
 			global.Logger.Errorf("Failed to save csrf into redis with error: %v", err)
 			ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
--- a/handlers/consent/consent_confirm.go
+++ b/handlers/consent/consent_confirm.go
@ -5,10 +5,10 @@ import (
 	"fmt"
 	"github.com/gin-gonic/gin"
 	client "github.com/ory/hydra-client-go/v2"
+	"misso/config"
 	"misso/consts"
 	"misso/global"
 	"net/http"
-	"time"
 )

 type ConsentConfirmRequest struct {
@ -88,9 +88,9 @@ func ConsentConfirm(ctx *gin.Context) {
 		global.Logger.Debugf("User accepted the request, reporting back to hydra...")

 		global.Logger.Debugf("Initializing ID Token...")
-		rememberFor := int64(consts.TIME_CONSENT_REMEMBER / time.Second) // Remember forever
+		rememberFor := config.Config.Time.ConsentRemember // Remember forever
 		acceptReq, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2ConsentRequest(context.Background()).ConsentChallenge(oauth2challenge).AcceptOAuth2ConsentRequest(client.AcceptOAuth2ConsentRequest{
-			GrantScope:               consentReq.RequestedScope, // TODO: Specify scopes
+			GrantScope:               consentReq.RequestedScope,
 			GrantAccessTokenAudience: consentReq.RequestedAccessTokenAudience,
 			Remember:                 &req.Remember,
 			RememberFor:              &rememberFor,
--- a/handlers/login/login.go
+++ b/handlers/login/login.go
@ -5,10 +5,12 @@ import (
 	"fmt"
 	"github.com/gin-gonic/gin"
 	client "github.com/ory/hydra-client-go/v2"
+	"misso/config"
 	"misso/consts"
 	"misso/global"
 	"misso/misskey"
 	"net/http"
+	"time"
 )

 func Login(ctx *gin.Context) {
@ -69,7 +71,7 @@ func Login(ctx *gin.Context) {

 		// Save login challenge state into redis (misskey cannot keep state info)
 		sessKey := fmt.Sprintf(consts.REDIS_KEY_LOGIN_SESSION, authSess.Token)
-		err = global.Redis.Set(context.Background(), sessKey, oauth2challenge, consts.TIME_REQUEST_VALID).Err()
+		err = global.Redis.Set(context.Background(), sessKey, oauth2challenge, time.Duration(config.Config.Time.RequestValid)*time.Second).Err()
 		if err != nil {
 			global.Logger.Errorf("Failed to save session into redis with error: %v", err)
 			ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
--- a/handlers/login/misskey_auth_callback.go
+++ b/handlers/login/misskey_auth_callback.go
@ -10,7 +10,6 @@ import (
 	"misso/global"
 	"misso/misskey"
 	"net/http"
-	"time"
 )

 func MisskeyAuthCallback(ctx *gin.Context) {
@ -75,13 +74,15 @@ func MisskeyAuthCallback(ctx *gin.Context) {
 	}

 	global.Logger.Debugf("User accepted the request, reporting back to hydra...")
-	remember := true
-	rememberFor := int64(consts.TIME_LOGIN_REMEMBER / time.Second)
-	acceptReq, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2LoginRequest(context.Background()).LoginChallenge(oauth2challenge).AcceptOAuth2LoginRequest(client.AcceptOAuth2LoginRequest{
-		Subject:     userIdentifier,
-		Remember:    &remember,
-		RememberFor: &rememberFor,
-	}).Execute()
+	acceptReq := client.AcceptOAuth2LoginRequest{
+		Subject: userIdentifier,
+	}
+	if config.Config.Time.LoginRemember > 0 {
+		remember := true
+		acceptReq.Remember = &remember
+		acceptReq.RememberFor = &config.Config.Time.LoginRemember
+	}
+	acceptRes, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2LoginRequest(context.Background()).LoginChallenge(oauth2challenge).AcceptOAuth2LoginRequest(acceptReq).Execute()
 	if err != nil {
 		global.Logger.Errorf("Failed to accept login request with error: %v", err)
 		ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
@ -91,7 +92,7 @@ func MisskeyAuthCallback(ctx *gin.Context) {
 	}

 	// Redirect to target uri
-	ctx.Redirect(http.StatusTemporaryRedirect, acceptReq.RedirectTo)
+	ctx.Redirect(http.StatusTemporaryRedirect, acceptRes.RedirectTo)

 	global.Logger.Debugf("User should now be redirecting to target URI.")

--- a/inits/config.go
+++ b/inits/config.go
@ -3,6 +3,7 @@ package inits
 import (
 	"gopkg.in/yaml.v3"
 	"misso/config"
+	"misso/consts"
 	"os"
 )

@ -23,5 +24,21 @@ func Config() error {
 		return err
 	}

+	// Validate time
+	if config.Config.Time.RequestValid <= 0 {
+		config.Config.Time.RequestValid = consts.TIME_DEFAULT_REQUEST_VALID
+	}
+	if config.Config.Time.LoginRemember < 0 {
+		// 0 means don't remember (in extreme account switch situations)
+		config.Config.Time.LoginRemember = consts.TIME_DEFAULT_LOGIN_REMEMBER
+	}
+	if config.Config.Time.ConsentRemember < 0 {
+		// 0 means remember forever (default behavior)
+		config.Config.Time.ConsentRemember = consts.TIME_DEFAULT_CONSENT_REMEMBER
+	}
+	if config.Config.Time.UserinfoCache <= 0 {
+		config.Config.Time.UserinfoCache = consts.TIME_DEFAULT_USERINFO_CACHE
+	}
+
 	return nil
 }
--- a/types/Config.go
+++ b/types/Config.go
@ -14,4 +14,10 @@ type Config struct {
 	Hydra struct {
 		AdminUrl string `yaml:"admin_url"`
 	} `yaml:"hydra"`
+	Time struct {
+		RequestValid    int64 `yaml:"request_valid"`
+		LoginRemember   int64 `yaml:"login_remember"`
+		ConsentRemember int64 `yaml:"consent_remember"`
+		UserinfoCache   int64 `yaml:"userinfo_cache"`
+	} `yaml:"time"`
 }
--- a/utils/save_userinfo.go
+++ b/utils/save_userinfo.go
@ -4,9 +4,11 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"misso/config"
 	"misso/consts"
 	"misso/global"
 	"misso/types"
+	"time"
 )

 func SaveUserinfo(subject string, userinfo *types.MisskeyUser) error {
@ -16,7 +18,7 @@ func SaveUserinfo(subject string, userinfo *types.MisskeyUser) error {
 		return err
 	}
 	sessUserInfoKey := fmt.Sprintf(consts.REDIS_KEY_USER_INFO, subject)
-	err = global.Redis.Set(context.Background(), sessUserInfoKey, userinfoBytes, consts.TIME_USERINFO_CACHE).Err()
+	err = global.Redis.Set(context.Background(), sessUserInfoKey, userinfoBytes, time.Duration(config.Config.Time.UserinfoCache)*time.Second).Err()
 	if err != nil {
 		global.Logger.Errorf("Failed to save session user info into redis with error: %v", err)
 		return err