Merge pull request #81 from GSA/feature/DIGITAL-239-dg-logout

Digital-239: Custom 12 hour logout

config/sync/core.extension.yml

@@ -17,6 +17,7 @@ module:
   dblog: 0
   default_content: 0
   default_content_config: 0
+  dg_autologout: 0
   dg_breadcrumb: 0
   dg_fields: 0
   dg_token: 0

config/sync/dg_autologout.role.admin.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.role.authenticated.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.role.author.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.role.content_admin.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.role.data_analyst.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.role.editor.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.role.identifier_admin.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.role.publisher.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.role.user_admin.yml

@@ -0,0 +1,3 @@
+enabled: false
+timeout: null
+url: ''

config/sync/dg_autologout.settings.yml

@@ -0,0 +1,27 @@
+_core:
+  default_config_hash: ou29sK1fi0MGjbVgsIAp1n-2_yofUuGcszRhDDPwpYo
+enabled: true
+timeout: 43200
+max_timeout: 43200
+padding: null
+logout_regardless_of_activity: true
+no_individual_logout_threshold: true
+role_logout: false
+role_logout_max: false
+redirect_url: /user/login
+include_destination: true
+no_dialog: true
+message: 'We are about to log you out for inactivity. If we do, you will lose any unsaved work. Do you need more time?'
+inactivity_message: 'You have been logged out due to inactivity.'
+inactivity_message_type: status
+modal_width: 450
+enforce_admin: true
+jstimer_format: '%hours%:%mins%:%secs%'
+jstimer_js_load_option: false
+use_alt_logout_method: false
+use_watchdog: true
+dialog_title: 'Digital.gov Alert'
+disable_buttons: false
+yes_button: ''
+no_button: ''
+whitelisted_ip_addresses: ''

web/modules/custom/dg_autologout/config/install/dg_autologout.settings.yml

@@ -0,0 +1,21 @@
+enabled: true
+timeout: 1800
+max_timeout: 172800
+padding: 20
+logout_regardless_of_activity: false
+no_individual_logout_threshold: false
+role_logout: false
+role_logout_max: false
+redirect_url: /user/login
+include_destination: true
+no_dialog: false
+message: 'We are about to log you out for inactivity. If we do, you will lose any unsaved work. Do you need more time?'
+inactivity_message: 'You have been logged out due to inactivity.'
+inactivity_message_type: status
+modal_width: 450
+enforce_admin: false
+jstimer_format: '%hours%:%mins%:%secs%'
+jstimer_js_load_option: false
+use_alt_logout_method: false
+use_watchdog: true
+whitelisted_ip_addresses: ''

web/modules/custom/dg_autologout/config/schema/dg_autologout.schema.yml

@@ -0,0 +1,92 @@
+dg_autologout.settings:
+  type: config_object
+  mapping:
+    enabled:
+      type: boolean
+      label: 'Enable autologout'
+    timeout:
+      type: integer
+      label: 'Timeout value'
+    max_timeout:
+      type: integer
+      label: 'Max timeout value'
+    padding:
+      type: integer
+      label: 'Seconds to give a user to respond'
+    logout_regardless_of_activity:
+      type: boolean
+      label: 'Logout user regardless of activity'
+    no_individual_logout_threshold:
+      type: boolean
+      label: 'Disable user-specific logout thresholds'
+    role_logout:
+      type: boolean
+      label: 'Enable role timeout'
+    role_logout_max:
+      type: boolean
+      label: 'Use highest role timeout value'
+    redirect_url:
+      type: string
+      label: 'Redirect url'
+    include_destination:
+      type: boolean
+      label: 'Include destination'
+    no_dialog:
+      type: boolean
+      label: 'Integer label'
+    message:
+      type: text
+      label: 'Message to display'
+    inactivity_message:
+      type: text
+      label: 'Message displayed after logging out'
+    inactivity_message_type:
+      type: string
+      label: 'Type of the message displayed'
+    modal_width:
+      type: integer
+      label: 'Modal width'
+    enforce_admin:
+      type: boolean
+      label: 'Enable admin logout'
+    jstimer_format:
+      type: string
+      label: 'JS timer format'
+    jstimer_js_load_option:
+      type: boolean
+      label: 'JS timer load'
+    use_alt_logout_method:
+      type: boolean
+      label: 'Use alternate logout methode'
+    use_watchdog:
+      type: boolean
+      label: 'Use watchdog'
+    dialog_title:
+      type: label
+      label: 'Title'
+    disable_buttons:
+      type: boolean
+      label: 'Disable buttons'
+    yes_button:
+      type: label
+      label: 'Yes button text'
+    no_button:
+      type: label
+      label: 'No button text'
+    whitelisted_ip_addresses:
+      type: string
+      label: 'Whitelisted IP addresses'
+
+dg_autologout.role.*:
+  type: config_object
+  label: 'Role Settings'
+  mapping:
+    enabled:
+      type: boolean
+      label: 'Enabled'
+    timeout:
+      type: integer
+      label: 'Timeout'
+    url:
+      type: string
+      label: 'redirect_url'

web/modules/custom/dg_autologout/dg_autologout.api.php

@@ -0,0 +1,60 @@
+<?php
+
+/**
+ * @file
+ * Describe hooks provided by the dg_autologout module.
+ */
+
+/**
+ * Prevent dg_autologout logging a user out.
+ *
+ * This allows other modules to indicate that a page should not be included
+ * in the dg_autologout checks. This works in the same way as not ticking the
+ * enforce on admin pages option for
+ * dg_autologout which stops a user being logged
+ * out of admin pages.
+ *
+ * @return bool
+ *   Return TRUE if you do not want the user to be logged out.
+ *   Return FALSE (or nothing) if you want to leave the dg_autologout
+ *   process alone.
+ */
+function hook_dg_autologout_prevent() {
+  // Don't include dg_autologout JS checks on ajax callbacks.
+  $path_args = explode('/', current_path());
+  $blacklist = [
+    'ajax',
+    'dg_autologout_ajax_logout',
+    'dg_autologout_ajax_set_last',
+  ];
+
+  if (in_array($path_args[0], $blacklist)) {
+    return TRUE;
+  }
+}
+
+/**
+ * Keep a login alive whilst the user is on a particular page.
+ *
+ * @return bool
+ *   By returning TRUE from this function the JS which talks to dg_autologout
+ *   module is included in the current page request and periodically dials back
+ *   to the server to keep the login alive.
+ *   Return FALSE (or nothing) to just use the standard behaviour.
+ */
+function hook_dg_autologout_refresh_only() {
+  // Check to see if an open admin page will keep login alive.
+  if (\Drupal::service('router.admin_context')->isAdminRoute(routeMatch()->getRouteObject()) && !\Drupal::config('dg_autologout.settings')->get('enforce_admin')) {
+    return TRUE;
+  }
+}
+
+/**
+ * React right after user has been logged out via dg_autologout.
+ *
+ * This hook fires only when user is logged out via dg_autologout, not when the
+ * user logs themselves out. This is fired after the session has been destroyed
+ * and the active user has been set to anonymous.
+ */
+function hook_dg_autologout_user_logout() {
+}

web/modules/custom/dg_autologout/dg_autologout.config_translation.yml

@@ -0,0 +1,5 @@
+dg_autologout.config:
+  title: 'Digital.gov Autologout'
+  base_route_name: dg_autologout.set_admin
+  names:
+    - dg_autologout.settings

web/modules/custom/dg_autologout/dg_autologout.info.yml

@@ -0,0 +1,12 @@
+name: Digital.gov Automated Logout
+type: module
+description: 'Adds automated timed logout.'
+core_version_requirement: ^9.2 || ^10 || ^11
+configure: dg_autologout.set_admin
+dependencies:
+  - js_cookie:js_cookie
+
+# Information added by Drupal.org packaging script on 2024-11-22
+version: '2.0.1'
+project: 'dg_autologout'
+datestamp: 1732235108

web/modules/custom/dg_autologout/dg_autologout.install

@@ -0,0 +1,65 @@
+<?php
+
+/**
+ * @file
+ * Install and update functions for the dg_autologout module.
+ */
+
+use Drupal\Core\Database\Database;
+
+/**
+ * Transfer logouts time settings from configs to states.
+ */
+function dg_autologout_update_8001(&$sandbox) {
+  $result = Database::getConnection()
+    ->select('config', 'c')
+    ->fields('c', ['name', 'data'])
+    ->condition('name', 'dg_autologout.user.%', 'LIKE')
+    ->execute()->fetchAll();
+  if (!isset($sandbox['current'])) {
+    $sandbox['current'] = 0;
+    $sandbox['max'] = count($result);
+  }
+  $limit = 5;
+  $result = array_slice($result, $sandbox['current'], $limit);
+  foreach ($result as $row) {
+    $key = $row->name;
+    // User uid is a part of the key after.
+    // E.g. dg_autologout.user.1 for user 1.
+    $user_id = (substr($key, 16));
+    $data = serialize($row->data);
+    \Drupal::service('user.data')->set('dg_autologout', $user_id, 'timeout', $data['timeout']);
+    \Drupal::service('user.data')->set('dg_autologout', $user_id, 'enabled', $data['enabled']);
+    $sandbox['current']++;
+  }
+  $sandbox['#finished'] = empty($sandbox['max']) ? 1 : ($sandbox['current'] / $sandbox['max']);
+  if ($sandbox['#finished'] >= 1) {
+    return t('Autologout settings are successfully updated. Updated @users', ["@users" => $sandbox['max']]);
+  }
+}
+
+/**
+ * Configure default value for dialog title.
+ */
+function dg_autologout_update_8002(&$sandbox) {
+  $dg_autologout_settings = \Drupal::service('config.factory')->getEditable('dg_autologout.settings');
+  $default_dialog_title = \Drupal::config('system.site')->get('name') . ' Alert';
+  $dg_autologout_settings->set('dialog_title', $default_dialog_title)->save();
+}
+
+/**
+ * Store default value for setting 'Disable user-specific logout thresholds'.
+ */
+function dg_autologout_update_8003(&$sandbox) {
+  $config_factory = \Drupal::configFactory();
+  $config = $config_factory->getEditable('dg_autologout.settings');
+  $config->set('no_individual_logout_threshold', FALSE);
+  $config->save(TRUE);
+}
+
+/**
+ * Make sure the js_cookie dependency is enabled.
+ */
+function dg_autologout_update_9201(&$sandbox): void {
+  \Drupal::service('module_installer')->install(['js_cookie']);
+}

web/modules/custom/dg_autologout/dg_autologout.libraries.yml

@@ -0,0 +1,10 @@
+drupal.dg_autologout:
+  version: VERSION
+  js:
+    js/autologout.js: {}
+
+  dependencies:
+    - core/drupal.dialog
+    - core/drupal.ajax
+    - core/drupalSettings
+    - js_cookie/js-cookie

web/modules/custom/dg_autologout/dg_autologout.links.menu.yml

@@ -0,0 +1,6 @@
+dg_autologout.set_admin:
+  title: 'Digital.gov Automated logout settings'
+  parent: user.admin_index
+  description: 'Configure default automated logout settings.'
+  weight: -10
+  route_name: dg_autologout.set_admin

web/modules/custom/dg_autologout/dg_autologout.links.task.yml

@@ -0,0 +1,4 @@
+dg_autologout.set_admin:
+  title: 'Digital.gov Automated logout settings'
+  route_name: dg_autologout.set_admin
+  base_route: dg_autologout.set_admin