make sessions expire

(cherry picked from commit b9becd8649)

# Conflicts:
#	core/admin/mailu/configuration.py

core/admin/mailu/configuration.py

@@ -1,7 +1,11 @@
 import os
 
 from datetime import timedelta
+<<<<<<< HEAD
 import ipaddress
+=======
+from socrate import system
+>>>>>>> b9becd86 (make sessions expire)
 
 DEFAULT_CONFIG = {
     # Specific to the admin UI
@@ -72,6 +76,7 @@ DEFAULT_CONFIG = {
     'LOGO_URL': None,
     'LOGO_BACKGROUND': None,
     # Advanced settings
+<<<<<<< HEAD
     'AUTH_REQUIRE_TOKENS': False,
     'API': False,
     'WEB_API': '/api',
@@ -83,6 +88,11 @@ DEFAULT_CONFIG = {
     'SESSION_TIMEOUT': 3600,
     'PERMANENT_SESSION_LIFETIME': 30*24*3600,
     'SESSION_COOKIE_SECURE': None,
+=======
+    'LOG_LEVEL': 'WARNING',
+    'SESSION_LIFETIME': 24,
+    'SESSION_COOKIE_SECURE': True,
+>>>>>>> b9becd86 (make sessions expire)
     'CREDENTIAL_ROUNDS': 12,
     'TLS_PERMISSIVE': True,
     'TZ': 'Etc/UTC',
@@ -171,6 +181,7 @@ class ConfigManager:
             pass
 =======
         self.config['SESSION_KEY_BITS'] = 128
+        self.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=int(self.config['SESSION_LIFETIME']))
         # update the app config itself
         app.config = self
 >>>>>>> d459c374 (make session IDs 128bits)

docs/configuration.rst

@@ -235,6 +235,8 @@ intend to access it over plain HTTP.
 requests before a session is invalidated. ``PERMANENT_SESSION_LIFETIME`` (default: 108000)
 is the maximum amount of time in seconds a session can be kept alive for if it hasn't timed-out.
 
+``SESSION_LIFETIME`` (default: 24) is the length in hours a session is valid for on the administrative interface.
+
 The ``LOG_LEVEL`` setting is used by the python start-up scripts as a logging threshold.
 Log messages equal or higher than this priority will be printed.
 Can be one of: CRITICAL, ERROR, WARNING, INFO, DEBUG or NOTSET.