Improved assigning of "last-activity" and "login_date"

diff --git a/src/Model/User.php b/src/Model/User.php
index 9472407715a6158d55d68240da264ad1467e1fd8..04c6943452f0c402e4f5b6f405ba2f16ea075583 100644 (file)
--- a/src/Model/User.php
+++ b/src/Model/User.php
@@ -826,27 +826,26 @@ class User
        /**
         * Update the day of the last activity of the given user
         *
-        * @param integer $uid
+        * @param array $user
+        * @param bool  $refresh_login
         * @return void
         */
-       public static function updateLastActivity(int $uid)
+       public static function updateLastActivity(array $user, bool $refresh_login)
        {
-               if (!$uid) {
+               $current_day = DateTimeFormat::utcNow('Y-m-d');
+               if (($user['last-activity'] == $current_day) && (!$refresh_login || DateTimeFormat::utc($user['login_date'], 'z-H') == date('z-H'))) {
                        return;
                }
 
-               $user = self::getById($uid, ['last-activity']);
-               if (empty($user)) {
-                       return;
+               $fields = ['last-activity' => $current_day];
+               if ($refresh_login) {
+                       $fields['login_date'] = DateTimeFormat::utcNow();
                }
 
-               $current_day = DateTimeFormat::utcNow('Y-m-d');
-
-               if ($user['last-activity'] != $current_day) {
-                       self::update(['last-activity' => $current_day], $uid);
-                       // Set the last activity for all identities of the user
-                       DBA::update('user', ['last-activity' => $current_day], ['parent-uid' => $uid, 'verified' => true, 'blocked' => false, 'account_removed' => false, 'account_expired' => false]);
-               }
+               Logger::debug('Set last activity for user', ['uid' => $user['uid'], 'fields' => $fields]);
+               self::update($fields, $user['uid']);
+               // Set the last activity for all identities of the user
+               DBA::update('user', $fields, ['parent-uid' => $user['uid'], 'verified' => true, 'blocked' => false, 'account_removed' => false, 'account_expired' => false]);
        }
 
        /**

diff --git a/src/Security/Authentication.php b/src/Security/Authentication.php
index 5ec15567f02df74a1c8c3ca8f36fa22bb26bf8a3..93e6344a35abd6e96f73ae9343c7f11648ba2101 100644 (file)
--- a/src/Security/Authentication.php
+++ b/src/Security/Authentication.php
@@ -194,18 +194,7 @@ class Authentication
                                        $this->baseUrl->redirect();
                                }
 
-                               // Make sure to refresh the last login time for the user if the user
-                               // stays logged in for a long time, e.g. with "Remember Me"
-                               $login_refresh = false;
-                               if (!$this->session->get('last_login_date')) {
-                                       $this->session->set('last_login_date', DateTimeFormat::utcNow());
-                               }
-                               if (strcmp(DateTimeFormat::utc('now - 12 hours'), $this->session->get('last_login_date')) > 0) {
-                                       $this->session->set('last_login_date', DateTimeFormat::utcNow());
-                                       $login_refresh = true;
-                               }
-
-                               $this->setForUser($a, $user, false, false, $login_refresh);
+                               $this->setForUser($a, $user);
                        }
                }
        }
@@ -283,7 +272,6 @@ class Authentication
 
                // if we haven't failed up this point, log them in.
                $this->session->set('remember', $remember);
-               $this->session->set('last_login_date', DateTimeFormat::utcNow());
 
                $openid_identity = $this->session->get('openid_identity');
                $openid_server   = $this->session->get('openid_server');
@@ -311,7 +299,7 @@ class Authentication
         * @param array $user_record The current "user" record
         * @param bool  $login_initial
         * @param bool  $interactive
-        * @param bool  $login_refresh
+        * @param bool  $refresh_login
         *
         * @throws HTTPException\FoundException
         * @throws HTTPException\MovedPermanentlyException
@@ -321,7 +309,7 @@ class Authentication
         * @throws HTTPException\InternalServerErrorException In case of Friendica specific exceptions
         *
         */
-       public function setForUser(App $a, array $user_record, bool $login_initial = false, bool $interactive = false, bool $login_refresh = false)
+       public function setForUser(App $a, array $user_record, bool $login_initial = false, bool $interactive = false, bool $refresh_login = true)
        {
                $my_url = $this->baseUrl . '/profile/' . $user_record['nickname'];
 
@@ -354,13 +342,9 @@ class Authentication
 
                $this->setXAccMgmtStatusHeader($user_record);
 
-               if ($login_initial || $login_refresh) {
-                       $this->dba->update('user', ['last-activity' => DateTimeFormat::utcNow('Y-m-d'), 'login_date' => DateTimeFormat::utcNow()], ['uid' => $user_record['uid']]);
-
-                       // Set the login date for all identities of the user
-                       $this->dba->update('user', ['last-activity' => DateTimeFormat::utcNow('Y-m-d'), 'login_date' => DateTimeFormat::utcNow()],
-                               ['parent-uid' => $user_record['uid'], 'account_removed' => false]);
+               User::updateLastActivity($user_record, $refresh_login);
 
+               if ($login_initial) {
                        // Regularly update suggestions
                        if (Contact\Relation::areSuggestionsOutdated($user_record['uid'])) {
                                Worker::add(Worker::PRIORITY_MEDIUM, 'UpdateSuggestions', $user_record['uid']);

diff --git a/src/Security/BasicAuth.php b/src/Security/BasicAuth.php
index 23dbbc9ef5c886b75f3a4166481fa5ae25677d44..9627b62bb08b07462588cf794befa306f5a9db4b 100644 (file)
--- a/src/Security/BasicAuth.php
+++ b/src/Security/BasicAuth.php
@@ -183,10 +183,7 @@ class BasicAuth
                        throw new UnauthorizedException("This API requires login");
                }
 
-               // Don't refresh the login date more often than twice a day to spare database writes
-               $login_refresh = strcmp(DateTimeFormat::utc('now - 12 hours'), $record['login_date']) > 0;
-
-               DI::auth()->setForUser($a, $record, false, false, $login_refresh);
+               DI::auth()->setForUser($a, $record, false, false, false);
 
                Hook::callAll('logged_in', $record);
 

diff --git a/src/Security/OAuth.php b/src/Security/OAuth.php
index eb4b3eba4dd886f31289a6b9790281d74ce27c52..167c55487f08f95b97495ca8a829b5359b02b835 100644 (file)
--- a/src/Security/OAuth.php
+++ b/src/Security/OAuth.php
@@ -104,7 +104,10 @@ class OAuth
                }
                Logger::debug('Token found', $token);
 
-               User::updateLastActivity($token['uid']);
+               $user = User::getById($token['uid'], ['uid', 'last-activity', 'login_date']);
+               if (!empty($user)) {
+                       User::updateLastActivity($user, false);
+               }
 
                // Regularly update suggestions
                if (Contact\Relation::areSuggestionsOutdated($token['uid'])) {