From aec6e000952b7968e2dfce56823ed7d509174659 Mon Sep 17 00:00:00 2001
From: virusdefender <1670873886@qq.com>
Date: Fri, 6 Nov 2015 20:53:52 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E4=BA=86=E7=AE=A1=E7=90=86?=
 =?UTF-8?q?=E5=91=98=E5=92=8C=E8=B6=85=E7=BA=A7=E7=AE=A1=E7=90=86=E5=91=98?=
 =?UTF-8?q?24=E5=B0=8F=E6=97=B6=E4=B8=8D=E6=B4=BB=E5=8A=A8=20session=20?=
 =?UTF-8?q?=E8=87=AA=E5=8A=A8=E8=BF=87=E6=9C=9F=E7=9A=84=E6=9C=BA=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 account/middleware.py | 24 ++++++++++++++++++++++++
 oj/settings.py        |  3 ++-
 2 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 account/middleware.py

diff --git a/account/middleware.py b/account/middleware.py
new file mode 100644
index 0000000..7024225
--- /dev/null
+++ b/account/middleware.py
@@ -0,0 +1,24 @@
+# coding=utf-8
+import time
+import json
+import urllib
+from django.http import HttpResponseRedirect, HttpResponse
+from django.contrib import auth
+from utils.shortcuts import error_response, error_page
+from .models import ADMIN
+
+
+class SessionSecurityMiddleware(object):
+    def process_request(self, request):
+        if request.user.is_authenticated() and request.user.admin_type >= ADMIN:
+            if "last_activity" in request.session:
+                # 24个小时没有活动
+                if time.time() - request.session["last_activity"] >= 24 * 60 * 60:
+                    auth.logout(request)
+                    if request.is_ajax():
+                        return HttpResponse(json.dumps({"code": 1, "data": u"请先登录"}),
+                                            content_type="application/json")
+                    else:
+                        return HttpResponseRedirect("/login/?__from=" + urllib.quote(request.build_absolute_uri()))
+            # 更新最后活动日期
+            request.session["last_activity"] = time.time()
diff --git a/oj/settings.py b/oj/settings.py
index 2e86e75..83d49ef 100644
--- a/oj/settings.py
+++ b/oj/settings.py
@@ -71,7 +71,8 @@ MIDDLEWARE_CLASSES = (
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     'django.middleware.security.SecurityMiddleware',
-    'admin.middleware.AdminRequiredMiddleware'
+    'admin.middleware.AdminRequiredMiddleware',
+    'account.middleware.SessionSecurityMiddleware'
 )
 
 ROOT_URLCONF = 'oj.urls'