Fix bug in user creation (#1887)

* Fix bug in user creation

* Made user session lifetime configurable

---------

Co-authored-by: jessevz <jesse.van.zutphen@nfi.nl>

Author: jessevz

src/dba/models/User.class.php

@@ -72,7 +72,7 @@ static function getFeatures(): array {
     $dict['isComputedPassword'] = ['read_only' => True, "type" => "bool", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "isComputedPassword", "public" => False, "dba_mapping" => False];
     $dict['lastLoginDate'] = ['read_only' => True, "type" => "int64", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "lastLoginDate", "public" => False, "dba_mapping" => False];
     $dict['registeredSince'] = ['read_only' => True, "type" => "int64", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "registeredSince", "public" => False, "dba_mapping" => False];
-    $dict['sessionLifetime'] = ['read_only' => False, "type" => "int", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => False, "private" => False, "alias" => "sessionLifetime", "public" => False, "dba_mapping" => False];
+    $dict['sessionLifetime'] = ['read_only' => False, "type" => "int", "subtype" => "unset", "choices" => "unset", "null" => True, "pk" => False, "protected" => False, "private" => False, "alias" => "sessionLifetime", "public" => False, "dba_mapping" => False];
     $dict['rightGroupId'] = ['read_only' => False, "type" => "int", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => False, "private" => False, "alias" => "globalPermissionGroupId", "public" => False, "dba_mapping" => False];
     $dict['yubikey'] = ['read_only' => True, "type" => "str(256)", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "yubikey", "public" => False, "dba_mapping" => False];
     $dict['otp1'] = ['read_only' => True, "type" => "str(256)", "subtype" => "unset", "choices" => "unset", "null" => False, "pk" => False, "protected" => True, "private" => False, "alias" => "otp1", "public" => False, "dba_mapping" => False];

src/inc/apiv2/model/users.routes.php

@@ -86,6 +86,7 @@ protected function createObject($data): int {
       $data[User::RIGHT_GROUP_ID],
       $this->getCurrentUser(),
       $data[User::IS_VALID] ?? false,
+      $data[User::SESSION_LIFETIME] ?? 3600
     );
 
     return $user->getId();
@@ -95,6 +96,7 @@ function getAllPostParameters(array $features): array {
 
     $features = parent::getAllPostParameters($features);
     unset($features[User::IS_VALID]);
+    unset($features[User::SESSION_LIFETIME]);
     return $features;
   }
 

src/inc/utils/UserUtils.class.php

@@ -186,7 +186,7 @@ public static function setPassword($userId, $password, $adminUser) {
    * @throws HttpConflict
    * @throws HttpError
    */
-  public static function createUser(string $username, string $email, int $rightGroupId, User $adminUser, bool $isValid = true): User {
+  public static function createUser(string $username, string $email, int $rightGroupId, User $adminUser, bool $isValid = true, int $session_lifetime=3600): User {
     $username = htmlentities($username, ENT_QUOTES, "UTF-8");
     $group = AccessControlUtils::getGroup($rightGroupId);
     if (!filter_var($email, FILTER_VALIDATE_EMAIL) || strlen($email) == 0) {
@@ -206,7 +206,7 @@ public static function createUser(string $username, string $email, int $rightGro
     $newPass = Util::randomString(10);
     $newSalt = Util::randomString(20);
     $newHash = Encryption::passwordHash($newPass, $newSalt);
-    $user = new User(null, $username, $email, $newHash, $newSalt, $isValid ? 1: 0, 1, 0, time(), 3600, $group->getId(), 0, "", "", "", "");
+    $user = new User(null, $username, $email, $newHash, $newSalt, $isValid ? 1: 0, 1, 0, time(), $session_lifetime, $group->getId(), 0, "", "", "", "");
     Factory::getUserFactory()->save($user);
 
     // add user to default group