dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Append cookie TTL warning (#1485)

Browse Source
This commit is contained in:
Christophe Maudoux 2018-07-26 20:49:57 +02:00
parent b6a5622ae4
commit 226b64cde0
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
View File

@ -249,6 +249,18 @@ sub tests {
)
);
},
# Warn if cookie TTL is equal or lower than 30s
cookieTTL => sub {
return 1 unless ( defined $conf->{cookieExpiration} );
if ( $conf->{cookieExpiration} =~ /^(\d+)s?$/ ) {
return ( 0, "Cookie TTL must be higher than 30s" )
unless ( $1 > 30 );
}
# Return
return 1;
},
# Warn if manager seems to be unprotected
managerProtection => sub {
@ -413,7 +425,6 @@ sub tests {
if ( $conf->{ $_ . '2fActivation' } eq '1' );
}
return ( 1, ( $w ? $w : () ) );
},
# Warn if TOTP not 6 or 8 digits long
@ -431,6 +442,8 @@ sub tests {
)
);
},
# Warn if TOTP not 6 or 8 digits long
formTimeout => sub {
return 1 unless ( defined $conf->{formTimeout} );
return ( 0, "XSRF form token TTL must be higher than 10s" )
@ -438,6 +451,8 @@ sub tests {
return ( 1,
"XSRF form token TTL should not be higher than 2mn" )
if ( $conf->{formTimeout} > 120 );
# Return
return 1;
},
};