From ac164cfca88930c6e9eee3add8bd45cf5747c104 Mon Sep 17 00:00:00 2001
From: Zach Prezkuta <fermion@gmx.com>
Date: Thu, 8 Nov 2012 17:00:37 -0700
Subject: [PATCH] refresh login time every 12 hours for 'Remember me'

---
 include/auth.php     | 15 ++++++++++++++-
 include/security.php |  9 ++++++---
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/include/auth.php b/include/auth.php
index 1ddba7c880..b534d4a4d3 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -2,6 +2,7 @@
 
 
 require_once('include/security.php');
+require_once('include/datetime.php');
 
 function nuke_session() {
 	unset($_SESSION['authenticated']);
@@ -68,7 +69,18 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 			goaway(z_root());
 		}
 
-		authenticate_success($r[0]);
+		// Make sure to refresh the last login time for the user if the user
+		// stays logged in for a long time, e.g. with "Remember Me"
+		$login_refresh = false;
+		if(! x($_SESSION['last_login_date'])) {
+			$_SESSION['last_login_date'] = datetime_convert('UTC','UTC');
+		}
+		if( strcmp(datetime_convert('UTC','UTC','now - 12 hours'), $_SESSION['last_login_date']) > 0 ) {
+
+			$_SESSION['last_login_date'] = datetime_convert('UTC','UTC');
+			$login_refresh = true;
+		}
+		authenticate_success($r[0], false, false, $login_refresh);
 	}
 }
 else {
@@ -191,6 +203,7 @@ else {
 
 		// if we haven't failed up this point, log them in.
 
+		$_SESSION['last_login_date'] = datetime_convert('UTC','UTC');
 		authenticate_success($record, true, true);
 	}
 }
diff --git a/include/security.php b/include/security.php
index 0558df1a1a..56d4cad36f 100644
--- a/include/security.php
+++ b/include/security.php
@@ -1,6 +1,6 @@
 <?php
 
-function authenticate_success($user_record, $login_initial = false, $interactive = false) {
+function authenticate_success($user_record, $login_initial = false, $interactive = false, $login_refresh = false) {
 
 	$a = get_app();
 
@@ -65,6 +65,8 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 
 	if($login_initial)
 		logger('auth_identities: ' . print_r($a->identities,true), LOGGER_DEBUG);
+	if($login_refresh)
+		logger('auth_identities refresh: ' . print_r($a->identities,true), LOGGER_DEBUG);
 
 	$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
 		intval($_SESSION['uid']));
@@ -76,7 +78,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 
 	header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
 
-	if($login_initial) {
+	if($login_initial || $login_refresh) {
 		$l = get_browser_language();
 
 		q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d LIMIT 1",
@@ -84,7 +86,8 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 			dbesc($l),
 			intval($_SESSION['uid'])
 		);
-
+	}
+	if($login_initial) {
 		call_hooks('logged_in', $a->user);
 
 		if(($a->module !== 'home') && isset($_SESSION['return_url']))