CLDR-15744 make sure settings.user.touch() is called (#3761)

tools/cldr-apps/js/src/esm/cldrAccount.mjs

@@ -743,7 +743,7 @@ function getUserSeen(u) {
     return "";
   }
   const what = u.data.active ? "active" : "seen";
-  let html = "<b>" + what + ": " + when + " ago</b>";
+  let html = "<b>" + what + ": " + when + "</b>";
   if (what === "seen") {
     html += "<br /><font size='-2'>" + u.data.lastlogin + "</font></td>";
   }

tools/cldr-apps/src/main/java/org/unicode/cldr/web/CookieSession.java

@@ -359,29 +359,39 @@ public void touch() {
     /** Note a direct user action. */
     public void userDidAction() {
         lastActionMillisSinceEpoch = System.currentTimeMillis();
+        if (user != null) {
+            user.touch(); // explicitly update user last login time
+        }
     }
 
-    /** Delete a session. */
-    public void remove() {
+    /**
+     * Delete a session.
+     *
+     * @return the user that was deleted, if any
+     */
+    public UserRegistry.User remove() {
         synchronized (gHash) {
             if (user != null) {
                 uHash.remove(user.email);
             }
             gHash.remove(id);
         }
         if (DEBUG_INOUT) System.out.println("S: Removing session: " + id + " - " + user);
+        return user;
     }
 
     /**
-     * Remove a specific session
+     * Remove a specific session (and return if found)
      *
      * @param sessionId
+     * @return the user that was logged out, if any
      */
-    public static void remove(String sessionId) {
+    public static UserRegistry.User remove(String sessionId) {
         CookieSession sess = CookieSession.retrieveWithoutTouch(sessionId);
         if (sess != null) {
-            sess.remove(); // forcibly remove session
+            return sess.remove(); // forcibly remove session
         }
+        return null;
     }
 
     /**

tools/cldr-apps/src/main/java/org/unicode/cldr/web/SurveyMain.java

@@ -10,6 +10,7 @@
 import com.ibm.icu.dev.util.ElapsedTimer;
 import com.ibm.icu.lang.UCharacter;
 import com.ibm.icu.text.ListFormatter;
+import com.ibm.icu.text.RelativeDateTimeFormatter;
 import com.ibm.icu.text.UnicodeSet;
 import com.ibm.icu.util.ULocale;
 import java.io.BufferedReader;
@@ -41,6 +42,7 @@
 import java.util.Hashtable;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Properties;
 import java.util.Set;
@@ -3506,18 +3508,25 @@ public static String durationDiff(long a) {
     }
 
     private static String timeDiff(long a, long b) {
+
         final long ONE_DAY = 86400 * 1000;
-        final long A_LONG_TIME = ONE_DAY * 3;
+        final long A_LONG_TIME = ONE_DAY;
         if ((b - a) > (A_LONG_TIME)) {
             double del = (b - a);
             del /= ONE_DAY;
             int days = (int) del;
-            return days + " days";
+            return RelativeDateTimeFormatter.getInstance(Locale.ENGLISH)
+                    .format(
+                            days,
+                            RelativeDateTimeFormatter.Direction.LAST,
+                            RelativeDateTimeFormatter.RelativeUnit.DAYS);
         } else {
-            // round to even second, to avoid ElapsedTimer bug
-            a -= (a % 1000);
-            b -= (b % 1000);
-            return ElapsedTimer.elapsedTime(a, b);
+            final double hours = (b - a) / (3600.0 * 1000.0);
+            return RelativeDateTimeFormatter.getInstance(Locale.ENGLISH)
+                    .format(
+                            hours,
+                            RelativeDateTimeFormatter.Direction.LAST,
+                            RelativeDateTimeFormatter.RelativeUnit.HOURS);
         }
     }
 

tools/cldr-apps/src/main/java/org/unicode/cldr/web/WebContext.java

@@ -1533,7 +1533,10 @@ public static void logout(HttpServletRequest request, HttpServletResponse respon
                                 + sessionId);
             }
             if (sessionId != null) {
-                CookieSession.remove(sessionId);
+                final UserRegistry.User user = CookieSession.remove(sessionId);
+                if (user != null) {
+                    user.touch(); // update user last seen time to logout time
+                }
             }
             session.removeAttribute(SurveyMain.SURVEYTOOL_COOKIE_SESSION);
         }

tools/cldr-apps/src/main/java/org/unicode/cldr/web/api/Auth.java

@@ -148,6 +148,9 @@ public Response login(
             session.settings().set(SurveyMain.PREF_COVLEV, null);
             LoginResponse resp = createLoginResponse(session);
             WebContext.setSessionCookie(hresp, resp.sessionId);
+            if (session.user != null) {
+                session.user.touch(); // update last logged in time
+            }
             return Response.ok().entity(resp).header(SESSION_HEADER, session.id).build();
         } catch (LogoutException ioe) {
             return Response.status(403, "Login Failed").build();
@@ -188,7 +191,15 @@ public Response logout(
             @Context HttpServletResponse hresp,
             @QueryParam("session") @Schema(required = true, description = "Session ID to logout")
                     final String session) {
-
+        final CookieSession cs = CookieSession.retrieveWithoutTouch(session);
+        if (cs != null) {
+            final UserRegistry.User u = cs.remove();
+            if (u != null) {
+                u.touch(); // mark as logged out
+            }
+        }
+        // next line is to clear cookies, especially if there was a different
+        // session cookie for some reason.
         // TODO: move Cookie management out of WebContext and into Auth.java
         WebContext.logout(hreq, hresp);