39 lines
1.0 KiB
PHP
39 lines
1.0 KiB
PHP
|
|
<?php
|
||
|
|
|
||
|
|
use MintyPHP\Http\SessionStoreInterface;
|
||
|
|
use MintyPHP\Router;
|
||
|
|
use MintyPHP\Service\Settings\SettingsSessionGateway;
|
||
|
|
use MintyPHP\Session;
|
||
|
|
|
||
|
|
if ((requestInput()->method()) !== 'POST') {
|
||
|
|
http_response_code(405);
|
||
|
|
Router::json(['ok' => false, 'error' => 'method_not_allowed']);
|
||
|
|
return;
|
||
|
|
}
|
||
|
|
|
||
|
|
$sessionStore = app(SessionStoreInterface::class);
|
||
|
|
$session = $sessionStore->all();
|
||
|
|
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||
|
|
if ($currentUserId <= 0) {
|
||
|
|
http_response_code(403);
|
||
|
|
Router::json(['ok' => false, 'error' => 'forbidden']);
|
||
|
|
return;
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!Session::checkCsrfToken()) {
|
||
|
|
http_response_code(403);
|
||
|
|
Router::json(['ok' => false, 'error' => 'csrf']);
|
||
|
|
return;
|
||
|
|
}
|
||
|
|
|
||
|
|
// Touch session idle timer (absolute timeout remains unchanged).
|
||
|
|
$sessionStore->set('session_last_activity', time());
|
||
|
|
|
||
|
|
$sessionGateway = app(SettingsSessionGateway::class);
|
||
|
|
$idleTimeoutSeconds = $sessionGateway->getSessionIdleTimeoutSeconds();
|
||
|
|
|
||
|
|
Router::json([
|
||
|
|
'ok' => true,
|
||
|
|
'idle_timeout_seconds' => $idleTimeoutSeconds,
|
||
|
|
]);
|