Last partial fix for ticket 585: Compartmentalize the admin area and require active authentication every 20 minutes to access the admin area.

Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
author: Andy Staudacher <andy.st@gmail.com> 2010-02-07 15:37:32 -0800
committer: Andy Staudacher <andy.st@gmail.com> 2010-02-07 15:37:32 -0800
commit: f93528ffab19b7a733fc8fb21c22853d8ec0d2f5 (patch)
tree: 29213dc93ad8d2edea6f7f5b3cd5bd3f0362885d /modules/gallery/helpers/gallery_event.php
parent: 18b0096751f45d7946a2277070dd3dd1f5db4a89 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php
index 5fa82160..63f33c12 100644
--- a/modules/gallery/helpers/gallery_event.php
+++ b/modules/gallery/helpers/gallery_event.php
@@ -110,6 +110,7 @@ class gallery_event_Core {
       graphics::choose_default_toolkit();
       module::clear_var("gallery", "choose_default_tookit");
     }
+    Session::instance()->set("active_auth_timestamp", time());
     auth::clear_failed_attempts($user);
   }
 
@@ -119,6 +120,7 @@ class gallery_event_Core {
 
   static function user_auth($user) {
     auth::clear_failed_attempts($user);
+    Session::instance()->set("active_auth_timestamp", time());
   }
 
   static function item_index_data($item, $data) {
author	Andy Staudacher <andy.st@gmail.com>	2010-02-07 15:37:32 -0800
committer	Andy Staudacher <andy.st@gmail.com>	2010-02-07 15:37:32 -0800
commit	f93528ffab19b7a733fc8fb21c22853d8ec0d2f5 (patch)
tree	29213dc93ad8d2edea6f7f5b3cd5bd3f0362885d /modules/gallery/helpers/gallery_event.php
parent	18b0096751f45d7946a2277070dd3dd1f5db4a89 (diff)