From ad91b1861835234cf32c0563897ee47621d156bb Mon Sep 17 00:00:00 2001
From: aozhiwei
Date: Tue, 31 May 2022 11:24:49 +0800
Subject: [PATCH 1/4] 1
---
 .../controller/BaseAuthedController.class.php | 28 ++++++++++++++++---
 webapp/controller/UserController.class.php | 2 ++
 2 files changed, 26 insertions(+), 4 deletions(-)
diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php
index 4fe226ec..bef9b5b0 100644
--- a/webapp/controller/BaseAuthedController.class.php
+++ b/webapp/controller/BaseAuthedController.class.php
@@ -25,13 +25,33 @@ class BaseAuthedController extends BaseController {
 public function _handlePre()
 {
- $this->accountId = $_REQUEST['account_id'];
- $this->sessionId = $_REQUEST['session_id'];
+ $this->accountId = getReqVal('account_id', '');
+ $this->sessionId = getReqVal('session_id', '');
 if (!phpcommon\isValidSessionId($this->accountId,
- $this->sessionId)) {
+ $this->sessionId)) {
 phpcommon\sendError(500, 'invalid session_id');
- die();
+ die();
 }
+ if (!(getReqVal('c', '') == 'User' && getReqVal('c', '') == 'login')) {
+ $r = $this->_getRedis($this->_getAccountId());
+ $sessionId = $r->get(LAST_SESSION_KEY . $this->_getAccountId());
+ if (empty($sessionId)) {
+ $this->updateSession(myself()->_getAccountId(),
+ myself()->_getSessionId());
+ } else if ($sessionId != $this->_getSessionId()) {
+ error_log('session expiration' . json_encode(
+ $_REQUEST
+ ));
+ phpcommon\sendError(1001, 'session expiration');
+ }
+ }
+ }
+
+ protected function updateSession($accountId, $sessionId)
+ {
+ $r = $this->_getRedis($this->_getAccountId());
+ $r->set(LAST_SESSION_KEY . $this->_getAccountId());
+ $r->pexpire(LAST_SESSION_KEY . $this->_getAccountId(), 3600 * 24);
 }
 public function _getAccountId()
diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php
index d005bffa..ad7b1213 100644
--- a/webapp/controller/UserController.class.php
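Review bot: The new mismatch branch in `_handlePre()` calls `phpcommon\sendError(1001, 'session expiration')` without the `die();` that follows the `sendError(500, ...)` call a few lines above, so unless `sendError` itself terminates (not visible here) a request carrying a superseded session id still falls through to the controller action; add `die();` after that call. The exemption `getReqVal('c', '') == 'User' && getReqVal('c', '') == 'login'` compares the same parameter with two different strings and can never be true, so login requests are checked as well; the second lookup presumably should read the action parameter, whose name is not shown in this hunk. `error_log('session expiration' . json_encode($_REQUEST))` writes the caller's `session_id` and every other request field to the error log, so log only the account id there. The stored and presented ids are compared with `!=`; `!hash_equals((string) $sessionId, (string) $this->_getSessionId())` avoids PHP's loose string comparison.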
+++ b/webapp/controller/UserController.class.php
@@ -24,6 +24,8 @@ class UserController extends BaseAuthedController {
 public function login()
 {
+ $this->updateSession(myself()->_getAccountId(),
+ myself()->_getSessionId());
 //$user_name = $_REQUEST['name'];
 //$avatar_url = $_REQUEST['avatar_url'];
 $userName = 'guest';
From fe297c713bf2592663c5df9115343c0f3bb477e6 Mon Sep 17 00:00:00 2001
From: aozhiwei
Date: Tue, 31 May 2022 11:26:20 +0800
Subject: [PATCH 2/4] 1
---
 webapp/bootstrap/constant.php | 2 ++
 webapp/controller/BaseAuthedController.class.php | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/webapp/bootstrap/constant.php b/webapp/bootstrap/constant.php
index cf033cd2..a8e57496 100644
--- a/webapp/bootstrap/constant.php
+++ b/webapp/bootstrap/constant.php
@@ -2,6 +2,8 @@
 define('TEAMID_KEY', 'team_uuid:');
+define('LAST_SESSION_KEY', 'team_uuid:');
+
 define('V_ITEM_GOLD', 10001); //金币
 define('V_ITEM_DIAMOND', 10002); //钻石
 define('V_ITEM_EXP', 10003); //经验
diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php
index bef9b5b0..7a74c7aa 100644
--- a/webapp/controller/BaseAuthedController.class.php
+++ b/webapp/controller/BaseAuthedController.class.php
@@ -50,7 +50,7 @@ class BaseAuthedController extends BaseController {
 protected function updateSession($accountId, $sessionId)
 {
 $r = $this->_getRedis($this->_getAccountId());
- $r->set(LAST_SESSION_KEY . $this->_getAccountId());
+ $r->set(LAST_SESSION_KEY . $this->_getAccountId(), $sessionId);
 $r->pexpire(LAST_SESSION_KEY . $this->_getAccountId(), 3600 * 24);
 }
From de6dffcbfc4efe25543137a445d0b863d69556e8 Mon Sep 17 00:00:00 2001
From: aozhiwei
Date: Tue, 31 May 2022 11:29:13 +0800
Subject: [PATCH 3/4] 1
---
 webapp/bootstrap/constant.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/webapp/bootstrap/constant.php b/webapp/bootstrap/constant.php
index a8e57496..8401fb1d 100644
--- a/webapp/bootstrap/constant.php
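Review bot: In the `@@ -50,7 +50,7 @@` hunk of patch 2/4, `updateSession($accountId, $sessionId)` now stores `$sessionId` but still takes both the Redis handle and the key from `$this->_getAccountId()`, so the `$accountId` argument is never read. A caller that passes a different account would silently write the key of the account on the current request instead. Either use the parameter, `$r = $this->_getRedis($accountId);` and `$r->set(LAST_SESSION_KEY . $accountId, $sessionId);`, or drop it from the signature. A short comment above the method saying that this key holds the only session id `_handlePre()` will accept for the account would make the single-session intent explicit.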
+++ b/webapp/bootstrap/constant.php
@@ -2,7 +2,7 @@
 define('TEAMID_KEY', 'team_uuid:');
-define('LAST_SESSION_KEY', 'team_uuid:');
+define('LAST_SESSION_KEY', 'last_session:');
 define('V_ITEM_GOLD', 10001); //金币
 define('V_ITEM_DIAMOND', 10002); //钻石
From a9a014dc8fb70d16ce9a2066bda363fa89753ca9 Mon Sep 17 00:00:00 2001
From: aozhiwei
Date: Tue, 31 May 2022 11:36:29 +0800
Subject: [PATCH 4/4] 1
---
 webapp/controller/BaseAuthedController.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php
index 7a74c7aa..3547f095 100644
--- a/webapp/controller/BaseAuthedController.class.php
+++ b/webapp/controller/BaseAuthedController.class.php
@@ -51,7 +51,7 @@ class BaseAuthedController extends BaseController {
 {
 $r = $this->_getRedis($this->_getAccountId());
 $r->set(LAST_SESSION_KEY . $this->_getAccountId(), $sessionId);
- $r->pexpire(LAST_SESSION_KEY . $this->_getAccountId(), 3600 * 24);
+ $r->pexpire(LAST_SESSION_KEY . $this->_getAccountId(), 1000 * 3600 * 24);
 }
 public function _getAccountId()
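Review bot: In the `@@ -51,7 +51,7 @@` hunk of patch 4/4 the session id and its lifetime are still written by two separate commands, `set` then `pexpire`; if the second call fails or the request ends in between, the key is left without a TTL and the stored session id never ages out. If the client returned by `_getRedis()` exposes it, a single `$r->setex(LAST_SESSION_KEY . $this->_getAccountId(), 3600 * 24, $sessionId);` writes value and expiry atomically and removes the millisecond arithmetic. Failing that, a named constant for the TTL would keep the unit visible at the call site. The method's signature line is outside this hunk.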