From 226b64cde06c53e4f433b02937f41cbc69ed92bb Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Thu, 26 Jul 2018 20:49:57 +0200
Subject: [PATCH] Append cookie TTL warning (#1485)

---
 .../lib/Lemonldap/NG/Manager/Conf/Tests.pm      | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
index b14465bcd..3aaa7a5d5 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
@@ -249,6 +249,18 @@ sub tests {
                 )
             );
         },
+                    
+        # Warn if cookie TTL is equal or lower than 30s
+        cookieTTL => sub {
+            return 1 unless ( defined $conf->{cookieExpiration} );
+            if ( $conf->{cookieExpiration} =~ /^(\d+)s?$/ ) {
+            return ( 0, "Cookie TTL must be higher than 30s" )
+              unless ( $1 > 30 );
+            }
+            
+            # Return
+            return 1;
+        },
 
         # Warn if manager seems to be unprotected
         managerProtection => sub {
@@ -413,7 +425,6 @@ sub tests {
                   if ( $conf->{ $_ . '2fActivation' } eq '1' );
             }
             return ( 1, ( $w ? $w : () ) );
-
         },
 
         # Warn if TOTP not 6 or 8 digits long
@@ -431,6 +442,8 @@ sub tests {
                 )
             );
         },
+        
+        # Warn if TOTP not 6 or 8 digits long
         formTimeout => sub {
             return 1 unless ( defined $conf->{formTimeout} );
             return ( 0, "XSRF form token TTL must be higher than 10s" )
@@ -438,6 +451,8 @@ sub tests {
             return ( 1,
                 "XSRF form token TTL should not be higher than 2mn" )
               if ( $conf->{formTimeout} > 120 );
+              
+            # Return
             return 1;
         },
     };