44 Zeilen
1.9 KiB
Python
44 Zeilen
1.9 KiB
Python
from functools import wraps
|
|
from flask import session, redirect, url_for, flash, request
|
|
from datetime import datetime, timedelta
|
|
from zoneinfo import ZoneInfo
|
|
import logging
|
|
from utils.audit import log_audit
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
def login_required(f):
|
|
@wraps(f)
|
|
def decorated_function(*args, **kwargs):
|
|
if 'logged_in' not in session:
|
|
return redirect(url_for('auth.login'))
|
|
|
|
# Check if session has expired
|
|
if 'last_activity' in session:
|
|
last_activity = datetime.fromisoformat(session['last_activity'])
|
|
time_since_activity = datetime.now(ZoneInfo("Europe/Berlin")).replace(tzinfo=None) - last_activity
|
|
|
|
# Debug logging
|
|
logger.info(f"Session check for {session.get('username', 'unknown')}: "
|
|
f"Last activity: {last_activity}, "
|
|
f"Time since: {time_since_activity.total_seconds()} seconds")
|
|
|
|
if time_since_activity > timedelta(minutes=5):
|
|
# Session expired - Logout
|
|
username = session.get('username', 'unbekannt')
|
|
logger.info(f"Session timeout for user {username} - auto logout")
|
|
# Audit log for automatic logout (before session.clear()!)
|
|
try:
|
|
log_audit('AUTO_LOGOUT', 'session',
|
|
additional_info={'reason': 'Session timeout (5 minutes)', 'username': username})
|
|
except:
|
|
pass
|
|
session.clear()
|
|
flash('Ihre Sitzung ist abgelaufen. Bitte melden Sie sich erneut an.', 'warning')
|
|
return redirect(url_for('auth.login'))
|
|
|
|
# Activity is NOT automatically updated
|
|
# Only on explicit user actions (done by heartbeat)
|
|
return f(*args, **kwargs)
|
|
return decorated_function |