From 484049c5ae76cfecf6737f6c799e76af27993028 Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Tue, 16 Jan 2024 19:06:05 +0530 Subject: [PATCH] fix: simultenous sessions ux (#24387) * fix: set 2 as simultaneous_sessions by default * fix: Correct offset for simultaneous_sessions * refactor: use freeze_time instead of patching * chore: misleading docstring * test: set lower simultaneous_sessions for test --- frappe/core/doctype/user/user.json | 2 +- frappe/database/database.py | 2 +- frappe/sessions.py | 3 ++- frappe/tests/test_auth.py | 7 ++++--- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/frappe/core/doctype/user/user.json b/frappe/core/doctype/user/user.json index 5ed990a794..30a1ccc865 100644 --- a/frappe/core/doctype/user/user.json +++ b/frappe/core/doctype/user/user.json @@ -462,7 +462,7 @@ "read_only": 1 }, { - "default": "1", + "default": "2", "fieldname": "simultaneous_sessions", "fieldtype": "Int", "label": "Simultaneous Sessions" diff --git a/frappe/database/database.py b/frappe/database/database.py index 051d241d55..0a002e670e 100644 --- a/frappe/database/database.py +++ b/frappe/database/database.py @@ -783,7 +783,7 @@ class Database: Example: # Update the `deny_multiple_sessions` field in System Settings DocType. - company = frappe.db.set_single_value("System Settings", "deny_multiple_sessions", True) + frappe.db.set_single_value("System Settings", "deny_multiple_sessions", True) """ to_update = self._get_update_dict( diff --git a/frappe/sessions.py b/frappe/sessions.py index ef1e7f54f1..43a675da68 100644 --- a/frappe/sessions.py +++ b/frappe/sessions.py @@ -59,11 +59,12 @@ def get_sessions_to_clear(user=None, keep_current=False): offset = 0 if user == frappe.session.user: simultaneous_sessions = frappe.db.get_value("User", user, "simultaneous_sessions") or 1 - offset = simultaneous_sessions - 1 + offset = simultaneous_sessions session = frappe.qb.DocType("Sessions") session_id = frappe.qb.from_(session).where(session.user == user) if keep_current: + offset = max(0, offset - 1) session_id = session_id.where(session.sid != frappe.session.sid) query = ( diff --git a/frappe/tests/test_auth.py b/frappe/tests/test_auth.py index adff36c8f3..c50de76684 100644 --- a/frappe/tests/test_auth.py +++ b/frappe/tests/test_auth.py @@ -22,6 +22,7 @@ def add_user(email, password, username=None, mobile_no=None): dict(doctype="User", email=email, first_name=first_name, username=username, mobile_no=mobile_no) ).insert() user.new_password = password + user.simultaneous_sessions = 1 user.add_roles("System Manager") frappe.db.commit() @@ -212,12 +213,12 @@ class TestSessionExpirty(FrappeAPITestCase): seconds_elapsed = expiry_in * step / 100 time_now = add_to_date(session_created, seconds=seconds_elapsed, as_string=True) - with patch("frappe.utils.now", return_value=time_now): + with self.freeze_time(time_now): data = s.get_session_data_from_db() self.assertEqual(data.user, "Administrator") # 1% higher should immediately expire - time_now = add_to_date(session_created, seconds=expiry_in * 1.01, as_string=True) - with patch("frappe.utils.now", return_value=time_now): + time_of_expiry = add_to_date(session_created, seconds=expiry_in * 1.01, as_string=True) + with self.freeze_time(time_of_expiry): self.assertIn(sid, get_expired_sessions()) self.assertFalse(s.get_session_data_from_db())