From fedf9e8e76702dd4fe7f474db718a0d190609626 Mon Sep 17 00:00:00 2001
From: Mark Janssen -- Sig-I/O Automatisering <mark@sig-io.nl>
Date: Thu, 26 Feb 2015 13:54:42 +0100
Subject: [PATCH] Renew cookie on authenticated requests to reset
 timeout/lifetime

---
 mod_authn_linotp.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/mod_authn_linotp.c b/mod_authn_linotp.c
index 4fc1013..a9be485 100644
--- a/mod_authn_linotp.c
+++ b/mod_authn_linotp.c
@@ -646,7 +646,10 @@ authn_linotp_check_password(request_rec *r, const char *username, const char *ot
 		ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server, "Found cookie=%s for user=%s : ", cookie, r->user);
 		/* valid username, passwd, and expiry date: don't do LinOTP auth */
 		if (valid_cookie(r, cookie, otp_given)) {
-		  ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server,"cookie still valid.  Serving page.");
+		  ap_log_error(APLOG_MARK, APLOG_NOERRNO | APLOG_DEBUG, 0, r->server,"cookie still valid, renewing.  Serving page.");
+		  /* Renew active cookie with new timeout */
+		  expires = time(NULL) + conf->timeout;
+		  add_cookie(r, r->headers_out, cookie, expires);
 		  returnValue=AUTH_GRANTED;
 		  goto cleanup;
 		} else {			/* the cookie has probably expired */