From d347e8286bae38b3949f6e0f58d8ab8632cd9c0e Mon Sep 17 00:00:00 2001
From: Jesse Morgan <jesse@jesterpm.net>
Date: Sun, 23 Feb 2025 17:01:01 -0800
Subject: Track token expiration

Force reauthentication after the token expires.
---
 controllers/controllers.php | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'controllers/controllers.php')

diff --git a/controllers/controllers.php b/controllers/controllers.php
index 153c9e2..de497c9 100644
--- a/controllers/controllers.php
+++ b/controllers/controllers.php
@@ -30,7 +30,17 @@ function require_login(&$app, $redirect=true) {
       $app->redirect('/', 302);
     return false;
   } else {
-    return ORM::for_table('users')->find_one($_SESSION['user_id']);
+    $user = ORM::for_table('users')->find_one($_SESSION['user_id']);
+    if(isset($user->micropub_token_expiration)) {
+      $now = new DateTime();
+      $expiration = new DateTime($user->micropub_token_expiration);
+      if($now > $expiration) {
+        header('X-Error: TokenExpired');
+        $app->redirect('/auth/start?'.http_build_query(array('me' => $user->url)), 302);
+        return false;
+      }
+    }
+    return $user;
   }
 }
 
-- 
cgit v1.2.3