refactor: use session group for session limit
parent
3885e0452c
commit
e0be09ded6
2 changed files with 28 additions and 32 deletions
|
@ -140,7 +140,7 @@ App::post('/v1/account')
|
||||||
App::post('/v1/account/sessions/email')
|
App::post('/v1/account/sessions/email')
|
||||||
->alias('/v1/account/sessions')
|
->alias('/v1/account/sessions')
|
||||||
->desc('Create Email Session')
|
->desc('Create Email Session')
|
||||||
->groups(['api', 'account', 'auth'])
|
->groups(['api', 'account', 'auth', 'session'])
|
||||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||||
->label('scope', 'public')
|
->label('scope', 'public')
|
||||||
->label('auth.type', 'emailPassword')
|
->label('auth.type', 'emailPassword')
|
||||||
|
@ -365,7 +365,7 @@ App::post('/v1/account/sessions/oauth2/callback/:provider/:projectId')
|
||||||
|
|
||||||
App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
||||||
->desc('OAuth2 Redirect')
|
->desc('OAuth2 Redirect')
|
||||||
->groups(['api', 'account'])
|
->groups(['api', 'account', 'session'])
|
||||||
->label('error', __DIR__ . '/../../views/general/error.phtml')
|
->label('error', __DIR__ . '/../../views/general/error.phtml')
|
||||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||||
->label('scope', 'public')
|
->label('scope', 'public')
|
||||||
|
@ -739,7 +739,7 @@ App::post('/v1/account/sessions/magic-url')
|
||||||
|
|
||||||
App::put('/v1/account/sessions/magic-url')
|
App::put('/v1/account/sessions/magic-url')
|
||||||
->desc('Create Magic URL session (confirmation)')
|
->desc('Create Magic URL session (confirmation)')
|
||||||
->groups(['api', 'account'])
|
->groups(['api', 'account', 'session'])
|
||||||
->label('scope', 'public')
|
->label('scope', 'public')
|
||||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||||
->label('audits.event', 'session.update')
|
->label('audits.event', 'session.update')
|
||||||
|
@ -981,7 +981,7 @@ App::post('/v1/account/sessions/phone')
|
||||||
|
|
||||||
App::put('/v1/account/sessions/phone')
|
App::put('/v1/account/sessions/phone')
|
||||||
->desc('Create Phone Session (confirmation)')
|
->desc('Create Phone Session (confirmation)')
|
||||||
->groups(['api', 'account'])
|
->groups(['api', 'account', 'session'])
|
||||||
->label('scope', 'public')
|
->label('scope', 'public')
|
||||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||||
->label('usage.metric', 'sessions.{scope}.requests.create')
|
->label('usage.metric', 'sessions.{scope}.requests.create')
|
||||||
|
@ -1096,7 +1096,7 @@ App::put('/v1/account/sessions/phone')
|
||||||
|
|
||||||
App::post('/v1/account/sessions/anonymous')
|
App::post('/v1/account/sessions/anonymous')
|
||||||
->desc('Create Anonymous Session')
|
->desc('Create Anonymous Session')
|
||||||
->groups(['api', 'account', 'auth'])
|
->groups(['api', 'account', 'auth', 'session'])
|
||||||
->label('event', 'users.[userId].sessions.[sessionId].create')
|
->label('event', 'users.[userId].sessions.[sessionId].create')
|
||||||
->label('scope', 'public')
|
->label('scope', 'public')
|
||||||
->label('auth.type', 'anonymous')
|
->label('auth.type', 'anonymous')
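Review bot: Session-limit enforcement now depends on each session-creating route carrying `'session'` in its `->groups([...])` list, and nothing on the five changed route definitions records that requirement. A route added later with the `users.[userId].sessions.[sessionId].create` event label but without the group would skip the limit silently, where the old event-label match caught it automatically. I would add a comment above each `->groups(...)` line, such as `// 'session' group is required: it triggers the session-limit shutdown hook`. Routes outside these hunks are not visible here, so it is worth confirming that every route with that event label received the group. A test asserting that the two sets match would keep them from drifting.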
|
||||||
|
|
|
@ -319,16 +319,13 @@ App::init()
|
||||||
});
|
});
|
||||||
|
|
||||||
App::shutdown()
|
App::shutdown()
|
||||||
->groups(['auth'])
|
->groups(['session'])
|
||||||
->inject('utopia')
|
->inject('utopia')
|
||||||
->inject('request')
|
->inject('request')
|
||||||
->inject('response')
|
->inject('response')
|
||||||
->inject('project')
|
->inject('project')
|
||||||
->inject('dbForProject')
|
->inject('dbForProject')
|
||||||
->action(function (App $utopia, Request $request, Response $response, Document $project, Database $dbForProject) {
|
->action(function (App $utopia, Request $request, Response $response, Document $project, Database $dbForProject) {
|
||||||
$route = $utopia->match($request);
|
|
||||||
$event = $route->getLabel('event', '');
|
|
||||||
if ($event === 'users.[userId].sessions.[sessionId].create' && $project->getId() != 'console') {
|
|
||||||
$sessionLimit = $project->getAttribute('auths', [])['maxSessions'] ?? APP_LIMIT_USER_SESSIONS;
|
$sessionLimit = $project->getAttribute('auths', [])['maxSessions'] ?? APP_LIMIT_USER_SESSIONS;
|
||||||
$session = $response->getPayload();
|
$session = $response->getPayload();
|
||||||
$userId = $session['userId'] ?? '';
|
$userId = $session['userId'] ?? '';
|
||||||
|
@ -352,7 +349,6 @@ App::shutdown()
|
||||||
$dbForProject->deleteDocument('sessions', $session->getId());
|
$dbForProject->deleteDocument('sessions', $session->getId());
|
||||||
}
|
}
|
||||||
$dbForProject->deleteCachedDocument('users', $userId);
|
$dbForProject->deleteCachedDocument('users', $userId);
|
||||||
}
|
|
||||||
});
|
});
|
||||||
|
|
||||||
App::shutdown()
|
App::shutdown()
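Review bot: The removed condition in the `App::shutdown()` action also carried `$project->getId() != 'console'`, and the new side of these hunks shows no replacement for that guard. Unless it is handled in the lines between the two hunks, which are not visible here, console sessions would now be counted against `maxSessions` and deleted by this hook. If the exclusion is still wanted, restore it as an early return at the top of the action: `if ($project->getId() === 'console') { return; }`. The `->inject('utopia')` line and the `App $utopia` parameter also appear unused now that `$utopia->match($request)` is gone and could be dropped. A short comment on `->groups(['session'])` stating that the hook trims a user's sessions to the limit after any session-creating route would help readers.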
|
||||||
|
|