Initial commit

v2_adminpanel/auth/decorators.py

@@ -0,0 +1,44 @@
+from functools import wraps
+from flask import session, redirect, url_for, flash, request
+from datetime import datetime, timedelta
+from zoneinfo import ZoneInfo
+import logging
+from utils.audit import log_audit
+
+logger = logging.getLogger(__name__)
+
+
+def login_required(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if 'logged_in' not in session:
+            return redirect(url_for('auth.login'))
+        
+        # Check if session has expired
+        if 'last_activity' in session:
+            last_activity = datetime.fromisoformat(session['last_activity'])
+            time_since_activity = datetime.now(ZoneInfo("Europe/Berlin")).replace(tzinfo=None) - last_activity
+            
+            # Debug logging
+            logger.info(f"Session check for {session.get('username', 'unknown')}: "
+                       f"Last activity: {last_activity}, "
+                       f"Time since: {time_since_activity.total_seconds()} seconds")
+            
+            if time_since_activity > timedelta(minutes=5):
+                # Session expired - Logout
+                username = session.get('username', 'unbekannt')
+                logger.info(f"Session timeout for user {username} - auto logout")
+                # Audit log for automatic logout (before session.clear()!)
+                try:
+                    log_audit('AUTO_LOGOUT', 'session', 
+                             additional_info={'reason': 'Session timeout (5 minutes)', 'username': username})
+                except:
+                    pass
+                session.clear()
+                flash('Ihre Sitzung ist abgelaufen. Bitte melden Sie sich erneut an.', 'warning')
+                return redirect(url_for('auth.login'))
+        
+        # Activity is NOT automatically updated
+        # Only on explicit user actions (done by heartbeat)
+        return f(*args, **kwargs)
+    return decorated_function