ws: Add "set-session-timeout" command

and use it as a backup for the JavaScript session timeout
implementation. With it, the session really ends at about the expected
time, regardless of whether JavaScript is executed by the browser or
not.

We keep the JavaScript implementation so that session timeouts work
with older cockpit-ws versions and to keep the cockpit-ws side
simple. There anyway needs to be cooperation from JavaScript to
perform a proper logout.

Author: mvollmer

pkg/shell/idle.tsx

@@ -35,6 +35,7 @@ export class IdleTimeoutState extends EventEmitter<IdleTimeoutStateEvents> {
         super();
 
         this.#idle_start_time = Date.now();
+        this.#disarm_ws_timeout();
 
         cockpit.dbus(null, { bus: "internal" }).call("/config", "cockpit.Config", "GetUInt",
                                                      ["Session", "IdleTimeout", 0, 240, 0], {})
@@ -43,6 +44,7 @@ export class IdleTimeoutState extends EventEmitter<IdleTimeoutStateEvents> {
                     if (this.#session_timeout > 0 && this.#standard_login) {
                         this.setupIdleResetEventListeners(window);
                         window.setInterval(this.#idleTick, 5000);
+                        this.#arm_ws_timeout();
                     }
                 })
                 .catch(e => {
@@ -72,10 +74,35 @@ export class IdleTimeoutState extends EventEmitter<IdleTimeoutStateEvents> {
     };
 
     #resetTimer = () => {
-        if (this.final_countdown === null)
-            this.#idle_start_time = Date.now();
+        if (this.final_countdown === null) {
+            const idle_time = Date.now() - this.#idle_start_time;
+            if (idle_time > 10 * 1000) {
+                this.#idle_start_time = Date.now();
+                this.#arm_ws_timeout();
+            }
+        }
     };
 
+    #arm_ws_timeout() {
+        // Tell cockpit-ws to kill the session 10 seconds after we are
+        // supposed to have logged out here. This is an emergency
+        // fallback mechanism for the case that the browser stops
+        // executing our JavaScript. Once JavaScript starts running
+        // again and the websocket has been closed by cockpit-ws and
+        // the Shell will show the "Disconnected" curtain. Then the
+        // timer ticks here will happen and will perform the browser
+        // side of the logout immediately and we end up on the login
+        // page with the expected "Logged out due to inactivity"
+        // message.
+
+        cockpit.assert(this.#session_timeout > 0);
+        cockpit.transport.control("set-session-timeout", { seconds: this.#session_timeout / 1000 + 10 });
+    }
+
+    #disarm_ws_timeout() {
+        cockpit.transport.control("set-session-timeout", { seconds: 0 });
+    }
+
     setupIdleResetEventListeners(win: Window) {
         // NOTE: This function will be called many many times for a
         // given window, not just once. Calling addEventListener

src/ws/cockpitwebservice.c

@@ -48,6 +48,8 @@ typedef struct {
   guint next_socket_id;
 } CockpitSockets;
 
+static gboolean on_session_timeout (gpointer user_data);
+
 static void
 cockpit_socket_free (gpointer data)
 {
@@ -187,6 +189,7 @@ struct _CockpitWebService {
   gboolean closing;
   GBytes *control_prefix;
   guint ping_timeout;
+  guint session_timeout;
   gint callers;
   guint next_internal_id;
 
@@ -270,6 +273,8 @@ cockpit_web_service_finalize (GObject *object)
   cockpit_creds_unref (self->creds);
   if (self->ping_timeout)
     g_source_remove (self->ping_timeout);
+  if (self->session_timeout)
+    g_source_remove (self->session_timeout);
 
   g_hash_table_destroy (self->host_by_checksum);
   g_hash_table_destroy (self->checksum_by_host);
@@ -284,6 +289,19 @@ cockpit_web_service_unique_channel (CockpitWebService *self)
   return g_strdup_printf ("0:%d", self->next_internal_id++);
 }
 
+static void
+set_session_timeout (CockpitWebService *self, gint64 seconds)
+{
+  if (self->session_timeout)
+    {
+      g_source_remove (self->session_timeout);
+      self->session_timeout = 0;
+    }
+  if (seconds > 0)
+    self->session_timeout = g_timeout_add_seconds (seconds, on_session_timeout, self);
+}
+
+
 static void
 caller_begin (CockpitWebService *self)
 {
@@ -297,7 +315,10 @@ caller_end (CockpitWebService *self)
   g_return_if_fail (self->callers > 0);
   self->callers--;
   if (self->callers == 0)
-    g_signal_emit (self, sig_idling, 0);
+    {
+      g_signal_emit (self, sig_idling, 0);
+      set_session_timeout (self, 0);
+    }
   g_object_unref (self);
 }
 
@@ -933,6 +954,16 @@ process_logout (CockpitWebService *self,
   g_object_run_dispose (G_OBJECT (self));
 }
 
+static void
+process_set_session_timeout (CockpitWebService *self,
+                             JsonObject *options)
+{
+  gint64 seconds;
+  if (!cockpit_json_get_int (options, "seconds", 0, &seconds))
+    seconds = 0;
+  set_session_timeout (self, seconds);
+}
+
 static const gchar *
 process_socket_init (CockpitWebService *self,
                      CockpitSocket *socket,
@@ -1044,6 +1075,10 @@ dispatch_inbound_command (CockpitWebService *self,
     {
       valid = process_ping (self, socket, options);
     }
+  else if (!channel && g_strcmp0 (command, "set-session-timeout") == 0)
+    {
+      process_set_session_timeout (self, options);
+    }
   else if (channel)
     {
       /* Relay anything with a channel by default */
@@ -1086,6 +1121,16 @@ on_web_socket_message (WebSocketConnection *connection,
     }
 }
 
+static gboolean
+on_session_timeout (gpointer user_data)
+{
+  CockpitWebService *self = user_data;
+  g_warning ("session idle for too long, logging out");
+  process_logout (self, NULL);
+  self->session_timeout = 0;
+  return G_SOURCE_REMOVE;
+}
+
 static void
 on_web_socket_open (WebSocketConnection *connection,
                     CockpitWebService *self)