CAS authenticate after session expires

app/views/redmine_cas/_settings.html.erb

@@ -17,3 +17,8 @@
   <%= check_box_tag "settings[autocreate_users]", 1, @settings[:autocreate_users] %>
   <em class="info"><%= l(:redmine_cas_settings_autocreate_users_helptext).html_safe %></em>
 </p>
+<p>
+  <%= label_tag "settings[cas_session_expiry]", l(:redmine_cas_settings_cas_session_expiry_label) %>
+  <%= check_box_tag "settings[cas_session_expiry]", 1, @settings[:cas_session_expiry] %>
+  <em class="info"><%= l(:redmine_cas_settings_cas_session_expiry_helptext).html_safe %></em>
+</p>

config/locales/en.yml

@@ -6,5 +6,7 @@ en:
   redmine_cas_settings_attributes_mapping_helptext: 'This is how the plugin maps extended attributes from the CAS server to the Redmine model.<br /><code>attribute_name_in_redmine=attribute_name_in_cas_response</code><br />Separate entries with <code>&amp;</code> (query-string).<br />Example: <code>firstname=first_name&amp;lastname=last_name&amp;mail=email</code><br />Valid attribute names: <code>%{attribute_names}</code>'
   redmine_cas_settings_autocreate_users_label: 'Auto-create users'
   redmine_cas_settings_autocreate_users_helptext: 'Automatically create a redmine user if it is successfully authenticated.<br />Will only work if you specify firstname, lastname and mail in the attributes mapping setting above.'
+  redmine_cas_settings_cas_session_expiry_label: 'CAS authenticate after session expires'
+  redmine_cas_settings_cas_session_expiry_helptext: 'Automatically reauthenticate with CAS after the login session expires.'
   redmine_cas_user_not_found: '"%{user}" was authenticated but needs to be created in Redmine first.'
   redmine_cas_user_not_created: '"%{user}" was authenticated but could not be created automatically in Redmine. It must be added manually.'

init.rb

@@ -15,7 +15,8 @@
     'enabled' => false,
     'cas_url' => 'https://',
     'attributes_mapping' => 'firstname=first_name&lastname=last_name&mail=email',
-    'autocreate_users' => false
+    'autocreate_users' => false,
+    'cas_esssion_expiry' => false
   }, :partial => 'redmine_cas/settings'
 
   Rails.configuration.to_prepare do

lib/redmine_cas.rb

@@ -16,6 +16,10 @@ def autocreate_users?
     setting(:autocreate_users)
   end
 
+  def cas_session_expiry?
+	setting(:cas_session_expiry)
+  end
+
   def setup!
     return unless enabled?
     CASClient::Frameworks::Rails::Filter.configure(

lib/redmine_cas/application_controller_patch.rb

@@ -7,6 +7,7 @@ def self.included(base)
       base.class_eval do
         alias_method_chain :verify_authenticity_token, :cas
         alias_method_chain :require_login, :cas
+        alias_method_chain :session_expiration, :cas
       end
     end
 
@@ -80,6 +81,17 @@ def cas_user_not_created(user)
         logger.error "Could not auto-create user: #{user.errors.full_messages.to_sentence}"
         render_403 :message => l(:redmine_cas_user_not_created, :user => session[:cas_user])
       end
+
+      def session_expiration_with_cas
+        return session_expiration_without_cas unless RedmineCAS.enabled? and RedmineCAS.cas_session_expiry?
+        if session[:user_id]
+          if session_expired? && !try_to_autologin
+            reset_session
+          else
+            session[:atime] = Time.now.utc.to_i
+          end
+        end
+      end
     end
   end
 end