From 3e7d0dbd23c5fb08167358cfe7e53be5dcbe0e45 Mon Sep 17 00:00:00 2001
From: Min RK <benjaminrk@gmail.com>
Date: Thu, 22 Feb 2018 15:43:56 +0100
Subject: [PATCH] update user.last_activity whenever we see activity on API
 tokens / cookies

---
 jupyterhub/apihandlers/auth.py |  6 ++++--
 jupyterhub/handlers/base.py    | 13 +++++++++++--
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/jupyterhub/apihandlers/auth.py b/jupyterhub/apihandlers/auth.py
index fea04a49..839fcc4a 100644
--- a/jupyterhub/apihandlers/auth.py
+++ b/jupyterhub/apihandlers/auth.py
@@ -24,7 +24,11 @@ class TokenAPIHandler(APIHandler):
             orm_token = orm.OAuthAccessToken.find(self.db, token)
         if orm_token is None:
             raise web.HTTPError(404)
+
+        # record activity whenever we see a token
+        now = orm_token.last_activity = datetime.utcnow()
         if orm_token.user:
+            orm_token.user.last_activity = now
             model = self.user_model(self.users[orm_token.user])
         elif orm_token.service:
             model = self.service_model(orm_token.service)
@@ -33,8 +37,6 @@ class TokenAPIHandler(APIHandler):
             self.db.delete(orm_token)
             self.db.commit()
             raise web.HTTPError(404)
-        # record activity whenever we see a token
-        orm_token.last_activity = datetime.utcnow()
         self.db.commit()
         self.write(json.dumps(model))
 
diff --git a/jupyterhub/handlers/base.py b/jupyterhub/handlers/base.py
index 7a694b64..b5713766 100644
--- a/jupyterhub/handlers/base.py
+++ b/jupyterhub/handlers/base.py
@@ -191,7 +191,8 @@ class BaseHandler(RequestHandler):
         if orm_token is None:
             return None
         else:
-            orm_token.last_activity = datetime.utcnow()
+            orm_token.last_activity = \
+                orm_token.user.last_activity = datetime.utcnow()
             self.db.commit()
             return self._user_from_orm(orm_token.user)
 
@@ -205,7 +206,11 @@ class BaseHandler(RequestHandler):
             return None
         else:
             # record token activity
-            orm_token.last_activity = datetime.utcnow()
+            now = datetime.utcnow()
+            orm_token.last_activity = now
+            if orm_token.user:
+                orm_token.user.last_activity = now
+
             self.db.commit()
             return orm_token.service or self._user_from_orm(orm_token.user)
 
@@ -231,6 +236,10 @@ class BaseHandler(RequestHandler):
             self.log.warning("Invalid cookie token")
             # have cookie, but it's not valid. Clear it and start over.
             clear()
+            return
+        # update user activity
+        user.last_activity = datetime.utcnow()
+        self.db.commit()
         return user
 
     def _user_from_orm(self, orm_user):