From 8540fc44f3e26f26efbee6609b367130991073d4 Mon Sep 17 00:00:00 2001
From: Bernd Bestel <bernd@berrnd.de>
Date: Mon, 24 Sep 2018 13:16:57 +0200
Subject: [PATCH] Added option to stay logged in permanently

---
 controllers/LoginController.php |  5 +++--
 localization/de.php             |  2 ++
 services/SessionService.php     | 10 ++++++++--
 views/login.blade.php           |  7 +++++++
 4 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/controllers/LoginController.php b/controllers/LoginController.php
index 45642e64..0d850901 100644
--- a/controllers/LoginController.php
+++ b/controllers/LoginController.php
@@ -25,11 +25,12 @@ class LoginController extends BaseController
 		{
 			$user = $this->Database->users()->where('username', $postParams['username'])->fetch();
 			$inputPassword = $postParams['password'];
+			$stayLoggedInPermanently = $postParams['stay_logged_in'] == 'on';
 
 			if ($user !== null && password_verify($inputPassword, $user->password))
 			{
-				$sessionKey = $this->SessionService->CreateSession($user->id);
-				setcookie($this->SessionCookieName, $sessionKey, time() + 31536000); // Cookie expires in 1 year, but session validity is up to SessionService
+				$sessionKey = $this->SessionService->CreateSession($user->id, $stayLoggedInPermanently);
+				setcookie($this->SessionCookieName, $sessionKey, time() + 31220640000); // Cookie expires in 999 years, but session validity is up to SessionService
 
 				if (password_needs_rehash($user->password, PASSWORD_DEFAULT))
 				{
diff --git a/localization/de.php b/localization/de.php
index bc91331d..3239bd87 100644
--- a/localization/de.php
+++ b/localization/de.php
@@ -241,6 +241,8 @@ return array(
 	'Edit product group' => 'Produktgruppe bearbeiten',
 	'Product group' => 'Produktgruppe',
 	'Are you sure to delete product group "#1"?' => 'Produktgruppe "#1" wirklich löschen?',
+	'Stay logged in permanently' => 'Dauerhaft angemeldet bleiben',
+	'When not set, you will get logged out at latest after 30 days' => 'Wenn nicht gesetzt, wirst du spätestens nach 30 Tagen automatisch abgemeldet',
 	
 	//Constants
 	'manually' => 'Manuell',
diff --git a/services/SessionService.php b/services/SessionService.php
index 4a5e7870..685400cc 100644
--- a/services/SessionService.php
+++ b/services/SessionService.php
@@ -33,14 +33,20 @@ class SessionService extends BaseService
 	/**
 	 * @return string
 	 */
-	public function CreateSession($userId)
+	public function CreateSession($userId, $stayLoggedInPermanently = false)
 	{
 		$newSessionKey = $this->GenerateSessionKey();
 		
+		$expires = date('Y-m-d H:i:s', time() + 2592000); // Default is that sessions expire in 30 days
+		if ($stayLoggedInPermanently === true)
+		{
+			$expires = date('Y-m-d H:i:s', time() + 31220640000); // 999 years aka forever
+		}
+
 		$sessionRow = $this->Database->sessions()->createRow(array(
 			'user_id' => $userId,
 			'session_key' => $newSessionKey,
-			'expires' => date('Y-m-d H:i:s', time() + 2592000) // Default is that sessions expire in 30 days
+			'expires' => $expires
 		));
 		$sessionRow->save();
 
diff --git a/views/login.blade.php b/views/login.blade.php
index 7e8d7293..ade69f33 100644
--- a/views/login.blade.php
+++ b/views/login.blade.php
@@ -22,6 +22,13 @@
 				<div id="login-error" class="form-text text-danger d-none"></div>
 			</div>
 
+			<div class="checkbox">
+				<label for="stay_logged_in">
+					<input type="checkbox" id="stay_logged_in" name="stay_logged_in"> {{ $L('Stay logged in permanently') }}
+					<p id="qu-conversion-info" class="form-text text-muted small my-0">{{ $L('When not set, you will get logged out at latest after 30 days') }}</p>
+				</label>
+			</div>
+
 			<button id="login-button" type="submit" class="btn btn-success">{{ $L('OK') }}</button>
 
 		</form>