feat: implement session expiry extension and 401 recovery

2026-01-31 12:23:33 -06:00 · 2026-01-30 16:01:17 -06:00
parent 669dec0235
commit fb27bdc119
11 changed files with 93 additions and 32 deletions
@@ -235,7 +235,7 @@ pub async fn auth_callback(
    let session = crate::data::sessions::create_session(
        &state.db_pool,
        discord_id,
-        Duration::from_secs(7 * 24 * 3600),
+        Duration::from_secs(crate::data::sessions::SESSION_DURATION_SECS),
    )
    .await
    .map_err(|e| {
@@ -248,7 +248,11 @@ pub async fn auth_callback(

    // 6. Build response with session cookie
    let secure = redirect_uri.starts_with("https://");
-    let cookie = session_cookie(&session.id, 604800, secure);
+    let cookie = session_cookie(
+        &session.id,
+        crate::data::sessions::SESSION_DURATION_SECS as i64,
+        secure,
+    );

    let redirect_to = if user.is_admin { "/admin" } else { "/" };

@@ -9,8 +9,8 @@
 use chrono::NaiveDate;
 use serde_json::Value;
 use sqlx::PgPool;
-use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
+use std::sync::atomic::{AtomicBool, Ordering};
 use tokio::sync::watch;
 use tracing::{debug, error, info};

@@ -141,11 +141,10 @@ struct ScheduleRow {
 async fn load_snapshot(pool: &PgPool) -> anyhow::Result<ScheduleSnapshot> {
    let start = std::time::Instant::now();

-    let rows: Vec<ScheduleRow> = sqlx::query_as(
-        "SELECT subject, enrollment, meeting_times FROM courses",
-    )
-    .fetch_all(pool)
-    .await?;
+    let rows: Vec<ScheduleRow> =
+        sqlx::query_as("SELECT subject, enrollment, meeting_times FROM courses")
+            .fetch_all(pool)
+            .await?;

    let courses: Vec<CachedCourse> = rows
        .into_iter()
@@ -108,7 +108,6 @@ impl SessionCache {
    /// Delete expired sessions from the database and sweep the in-memory cache.
    ///
    /// Returns the number of sessions deleted from the database.
-    #[allow(dead_code)] // Intended for periodic cleanup task (not yet wired)
    pub async fn cleanup_expired(&self) -> anyhow::Result<u64> {
        let deleted = crate::data::sessions::cleanup_expired(&self.db_pool).await?;

@@ -233,9 +233,8 @@ pub(crate) async fn timeline(
                    s.active_during(local_date, wday_bit, slot_start_minutes, slot_end_minutes)
                });
                if active {
-                    *subject_totals
-                        .entry(course.subject.clone())
-                        .or_default() += course.enrollment as i64;
+                    *subject_totals.entry(course.subject.clone()).or_default() +=
+                        course.enrollment as i64;
                }
            }