public function createSession($ip)
{
$session = new RPCSession();
$session->rpcuser_id = $this->id;
$session->rpcuser = $this;
$session->expires_at = time() + 3600;
$session->ip = $ip;
if ($session->save()) {
return $session;
} else {
throw new Error500('Unable to create session', $session);
}
}
/**
* Given a session ID, it ensures it exists and hasn't expired. If it has, then it throws
* the appropriate RPCException
*
* @param string $session The code of the session to try and authenticate against
* @return object The RPCSession object
* @throws RPCException
*/
protected function auth($session)
{
$session = RPCSession::find_by_code($session);
if (!$session) {
throw new RPCException('Invalid session', 403);
}
if ($session->expires_at <= time()) {
//throw new RPCException('Session has expired', 900);
}
// Extend the session for another hour
$session->expires_at = time() + 3600;
$session->save();
return $session;
}
<?php
require "init.php";
$script = Script::find_by_code('delete_sessions');
$script->start();
ob_start();
$time = date("H:i:s");
echo "[{$time}] Deleting old RPC sessions\r\n\r\n";
RPCSession::clear();
$script = Script::find_by_code('delete_sessions');
$output = ob_get_clean();
$script->finish($output);
