diff options
author | Anton Tananaev <anton@traccar.org> | 2023-11-26 08:21:33 -0800 |
---|---|---|
committer | Anton Tananaev <anton@traccar.org> | 2023-11-26 08:21:33 -0800 |
commit | b73c8246c2023feae9eb5332a69f0ab8a1cd4e3d (patch) | |
tree | 3b5a2804decbef533f563203699810b9ba0c56ff /src | |
parent | fc8678b22929026e6c62284add8ff1cbca247f20 (diff) | |
download | trackermap-server-b73c8246c2023feae9eb5332a69f0ab8a1cd4e3d.tar.gz trackermap-server-b73c8246c2023feae9eb5332a69f0ab8a1cd4e3d.tar.bz2 trackermap-server-b73c8246c2023feae9eb5332a69f0ab8a1cd4e3d.zip |
Limit token expiration extension
Diffstat (limited to 'src')
-rw-r--r-- | src/main/java/org/traccar/api/resource/SessionResource.java | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java index 0435f4f92..02c9837f0 100644 --- a/src/main/java/org/traccar/api/resource/SessionResource.java +++ b/src/main/java/org/traccar/api/resource/SessionResource.java @@ -181,6 +181,10 @@ public class SessionResource extends BaseResource { @POST public String requestToken( @FormParam("expiration") Date expiration) throws StorageException, GeneralSecurityException, IOException { + Date currentExpiration = (Date) request.getSession().getAttribute(EXPIRATION_KEY); + if (currentExpiration != null && currentExpiration.before(expiration)) { + expiration = currentExpiration; + } return tokenManager.generateToken(getUserId(), expiration); } |