From ef3e9cd320f6aab54e240f7329dd5199c5027c9d Mon Sep 17 00:00:00 2001 From: Jerome_maarch Date: Wed, 27 Mar 2019 11:22:35 +0100 Subject: [PATCH] remove default value for timeout on organization cookie token --- .../auth/Controller/userAuthentication.php | 2 +- .../Controller/abstractPosition.php | 22 +++++++++---------- .../Controller/servicePosition.php | 2 +- .../maarchRM/Observer/authentication.php | 2 +- 4 files changed, 14 insertions(+), 14 deletions(-) diff --git a/src/bundle/auth/Controller/userAuthentication.php b/src/bundle/auth/Controller/userAuthentication.php index c945aa1db..16b7d70ec 100755 --- a/src/bundle/auth/Controller/userAuthentication.php +++ b/src/bundle/auth/Controller/userAuthentication.php @@ -139,7 +139,7 @@ class userAuthentication \laabs::setToken('AUTH', $accountToken, $tokenDuration); if ($this->securityPolicy['passwordValidity'] && $this->securityPolicy["passwordValidity"] != 0) { - $diff = ($currentDate->getTimestamp() - $userAccount->passwordLastChange->getTimestamp()) / 86400; + $diff = ($currentDate->getTimestamp() - $userAccount->passwordLastChange->getTimestamp()) / $tokenDuration; if ($diff > $this->securityPolicy['passwordValidity']) { throw \laabs::newException('auth/userPasswordChangeRequestException'); } diff --git a/src/bundle/organization/Controller/abstractPosition.php b/src/bundle/organization/Controller/abstractPosition.php index e6a3ae837..0744354ea 100755 --- a/src/bundle/organization/Controller/abstractPosition.php +++ b/src/bundle/organization/Controller/abstractPosition.php @@ -25,7 +25,7 @@ namespace bundle\organization\Controller; * Control of the organization types * * @package Organization - * @author Prosper DE LAURE + * @author Prosper DE LAURE */ abstract class abstractPosition { 
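Review bot: In userAuthentication.php, dividing the password age by `$tokenDuration` changes its unit: the removed `86400` converted seconds to days, so `$diff` is now counted in token lifetimes while still being compared with `passwordValidity`. A token lifetime shorter than a day would force password changes early, a longer one would let passwords outlive the policy, and a zero or unset value would divide by zero. This literal was never a cookie timeout and should stay, `$diff = ($currentDate->getTimestamp() - $userAccount->passwordLastChange->getTimestamp()) / 86400;`, preferably behind a named seconds-per-day constant. The enclosing method starts and ends outside the hunk, so how `$tokenDuration` is derived is not visible here.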
@@ -37,7 +37,7 @@ abstract class abstractPosition * * @return void */ - public function __construct(\dependency\sdo\Factory $sdoFactory) + public function __construct(\dependency\sdo\Factory $sdoFactory) { $this->sdoFactory = $sdoFactory; } @@ -69,7 +69,7 @@ abstract class abstractPosition $position->organization->orgName = $organization->displayName; if ($position->default && !$currentOrg) { - \laabs::setToken("ORGANIZATION", $organization, 86400); + \laabs::setToken("ORGANIZATION", $organization, \laabs::configuration("auth")['securityPolicy']['sessionTimeout']); $setToken = true; } @@ -77,7 +77,7 @@ abstract class abstractPosition } if (!$setToken && !$currentOrg && $organizations) { - \laabs::setToken("ORGANIZATION", $organizations[0], 86400); + \laabs::setToken("ORGANIZATION", $organizations[0], \laabs::configuration("auth")['securityPolicy']['sessionTimeout']); } usort($positions, function ($pos1, $pos2) { @@ -91,7 +91,7 @@ abstract class abstractPosition return $positions; } - + /** * Get my current organization tree * @@ -112,14 +112,14 @@ abstract class abstractPosition /** * Set my working positions - * @param organization/organization $orgId The organization identifier - * + * @param organization/organization $orgId The organization identifier + * * @return bool The result of the operation */ public function setCurrentPosition($orgId) { if ($organization = $this->sdoFactory->read('organization/organization', $orgId)) { - \laabs::setToken("ORGANIZATION", $organization, 86400); + \laabs::setToken("ORGANIZATION", $organization, \laabs::configuration("auth")['securityPolicy']['sessionTimeout']); return true; } @@ -130,7 +130,7 @@ abstract class abstractPosition } /** - * List user owner org and + * List user owner org and * * @return object[] The list of organization ids */ @@ -282,7 +282,7 @@ abstract class abstractPosition /** * Get descendant archival profiles - * + * * @return object[] */ public function getdescendantArchivalProfiles() 
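Review bot: In the @@ -69 hunk the lifetime `\laabs::configuration("auth")['securityPolicy']['sessionTimeout']` is read with no fallback or validation, so a deployment whose auth configuration omits the key passes null to `\laabs::setToken` where 86400 used to be passed. What setToken does with an empty duration is not visible here, so the ORGANIZATION token could expire at once or not at all. The same expression is repeated in the @@ -77 and @@ -112 hunks of this file and in servicePosition.php and Observer/authentication.php. It would be safer to resolve it once in a helper that rejects non-positive values and to reuse the value already passed for the AUTH token, so that both tokens expire together. Whether `sessionTimeout` is expressed in seconds, as the replaced literal was, should also be confirmed; the methods involved start and end outside the hunks.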
@@ -311,7 +311,7 @@ abstract class abstractPosition if (!empty($descendantArchivalProfiles[$archivalProfileAccess->archivalProfileReference])){ continue; } - + if ($archivalProfileAccess->archivalProfileReference != '*') { $descendantArchivalProfiles[$archivalProfileAccess->archivalProfileReference] = $archivalProfileController->getByReference($archivalProfileAccess->archivalProfileReference); } diff --git a/src/bundle/organization/Controller/servicePosition.php b/src/bundle/organization/Controller/servicePosition.php index 6fb06c544..247593c41 100755 --- a/src/bundle/organization/Controller/servicePosition.php +++ b/src/bundle/organization/Controller/servicePosition.php @@ -44,7 +44,7 @@ class servicePosition extends abstractPosition $positions = $this->sdoFactory->find('organization/servicePosition', "serviceAccountId = '".$accountToken->accountId."'"); - \laabs::setToken("ORGANIZATION", $positions[0], 86400); + \laabs::setToken("ORGANIZATION", $positions[0], \laabs::configuration("auth")['securityPolicy']['sessionTimeout']); return $positions; } diff --git a/src/presentation/maarchRM/Observer/authentication.php b/src/presentation/maarchRM/Observer/authentication.php index 96189f271..c7413f011 100755 --- a/src/presentation/maarchRM/Observer/authentication.php +++ b/src/presentation/maarchRM/Observer/authentication.php @@ -154,7 +154,7 @@ class authentication if (!$isUserPosition) { \laabs::newException("auth/authenticationException", "Missing authentication credential", 403); - \laabs::setToken("ORGANIZATION", $default->organization, 86400); + \laabs::setToken("ORGANIZATION", $default->organization, \laabs::configuration("auth")['securityPolicy']['sessionTimeout']); } } -- GitLab
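Review bot: In servicePosition.php, `$positions[0]` is stored as the ORGANIZATION token without checking that `find()` returned anything, so a service account with no position would get an empty organization token for the configured lifetime. A guard such as `if (empty($positions)) { return $positions; }` before the `setToken` call, or an authentication exception if that case should be refused, would make the outcome explicit. The enclosing method starts outside the hunk, so an earlier check may exist that is not visible here.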
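Review bot: In Observer/authentication.php the `\laabs::newException("auth/authenticationException", "Missing authentication credential", 403);` call just above the changed line is not thrown, whereas userAuthentication.php in this patch writes `throw \laabs::newException(...)`. If newException only constructs the object, the 403 is discarded and the changed line still issues an ORGANIZATION token for `$default->organization` to a caller that failed the `$isUserPosition` check. Either add `throw` in front of the call, or remove the dead call and add a comment stating that falling back to the default organization is intended. The enclosing method starts and ends outside the hunk, so the intent cannot be confirmed from here.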