From 4cd422ee54a07b9bf43e6786f6fe263fa4e59acb Mon Sep 17 00:00:00 2001
From: Olivier DUMAS <olivier.dumas@orange.com>
Date: Mon, 1 Oct 2018 19:15:09 +0200
Subject: [PATCH 1/2] Added a session_timeout setting to manage session
 lifetime

---
 app/models.py | 1 +
 app/views.py  | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/app/models.py b/app/models.py
index 4869608..91331cf 100644
--- a/app/models.py
+++ b/app/models.py
@@ -1808,6 +1808,7 @@ class Setting(db.Model):
         'allow_user_create_domain': False,
         'bg_domain_updates': False,
         'site_name': 'PowerDNS-Admin',
+        'session_timeout': 10,
         'pdns_api_url': '',
         'pdns_api_key': '',
         'pdns_version': '4.1.1',
diff --git a/app/views.py b/app/views.py
index 3311997..9ed1c33 100644
--- a/app/views.py
+++ b/app/views.py
@@ -3,6 +3,7 @@ import logging as logger
 import os
 import traceback
 import re
+import datetime
 from distutils.util import strtobool
 from distutils.version import StrictVersion
 from functools import wraps
@@ -68,6 +69,11 @@ def before_request():
     if maintenance and current_user.is_authenticated and current_user.role.name not in ['Administrator', 'Operator']:
         return render_template('maintenance.html')
 
+    # Manage session timeout
+    session.permanent = True
+    app.permanent_session_lifetime = datetime.timedelta(minutes=int(Setting().get('session_timeout')))
+    session.modified = True
+    g.user = current_user
 
 @login_manager.user_loader
 def load_user(id):

From dabc324c520d0e5b45f8d53992aca572193c43a2 Mon Sep 17 00:00:00 2001
From: odumasFR <37532391+odumasFR@users.noreply.github.com>
Date: Tue, 2 Oct 2018 08:01:04 +0200
Subject: [PATCH 2/2] Adjust basic settings list

Added the new 'session_timeout' setting to the list of rendered basic settings
---
 app/views.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/views.py b/app/views.py
index 9ed1c33..7f5fcb2 100644
--- a/app/views.py
+++ b/app/views.py
@@ -1375,7 +1375,8 @@ def admin_setting_basic():
                     'dnssec_admins_only',
                     'allow_user_create_domain',
                     'bg_domain_updates',
-                    'site_name'] 
+                    'site_name',
+                    'session_timeout' ] 
 
         return render_template('admin_setting_basic.html', settings=settings)