MOBILE-1806 autologin: Prevent consecutive calls to get autologin key WS

dpalou · dpalou · commit d6ab4a0ee8f6 · 2016-11-03T15:21:41.000+01:00
diff --git a/www/core/lib/sitesfactory.js b/www/core/lib/sitesfactory.js
@@ -118,7 +118,7 @@ angular.module('mm.core')
     this.$get = function($http, $q, $mmWS, $mmDB, $log, md5, $mmApp, $mmLang, $mmUtil, $mmFS, mmCoreWSCacheStore,
             mmCoreWSPrefix, mmCoreSessionExpired, $mmEvents, mmCoreEventSessionExpired, mmCoreUserDeleted, mmCoreEventUserDeleted,
             $mmText, $translate, mmCoreConfigConstants, mmCoreUserPasswordChangeForced, mmCoreEventPasswordChangeForced,
-            mmCoreLoginTokenChangePassword) {
+            mmCoreLoginTokenChangePassword, mmCoreSecondsMinute) {
 
         $log = $log.getInstance('$mmSite');
 
@@ -907,26 +907,31 @@ angular.module('mm.core')
          * @return {Promise}        Promise resolved when done, rejected otherwise.
          */
         Site.prototype.openWithAutoLogin = function(inApp, url, options) {
-            if (!this.privateToken || !this.wsAvailable('tool_mobile_get_autologin_key')) {
-                // No private token or WS not available, open the final URL without auto-login.
+            if (!this.privateToken || !this.wsAvailable('tool_mobile_get_autologin_key') ||
+                    (this.lastAutoLogin && $mmUtil.timestamp() - this.lastAutoLogin < 6 * mmCoreSecondsMinute)) {
+                // No private token, WS not available or last auto-login was less than 6 minutes ago.
+                // Open the final URL without auto-login.
                 open(url);
                 return $q.when();
             }
 
-            var userId = this.getUserId(),
+            var that = this,
+                userId = that.getUserId(),
                 params = {
-                    privatetoken: this.privateToken
+                    privatetoken: that.privateToken
                 },
                 modal = $mmUtil.showModalLoading();
 
             // Use write to not use cache.
-            return this.write('tool_mobile_get_autologin_key', params).then(function(data) {
+            return that.write('tool_mobile_get_autologin_key', params).then(function(data) {
                 if (!data.autologinurl || !data.key) {
                     // Not valid data, open the final URL without auto-login.
                     open(url);
                     return;
                 }
 
+                that.lastAutoLogin = $mmUtil.timestamp();
+
                 open(data.autologinurl + '?userid=' + userId + '&key=' + data.key + '&urltogo=' + url);
             }).catch(function() {
                 // Couldn't get autologin key, open the final URL without auto-login.
