CodeMirror/budibase
1
0
Fork 0
mirror of synced 2024-06-27 02:20:35 +12:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/develop' into feature/new-screen-addition-ui

Browse source
This commit is contained in:
Dean 2022-04-07 14:22:11 +01:00
parent 09defee462 18a010b57b
commit 75be5cff35
1 changed files with 22 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
packages/backend-core/src/security/sessions.js
View file

@ -14,25 +14,7 @@ function makeSessionID(userId, sessionId) {
return `${userId}/${sessionId}`
}
exports.createASession = async (userId, session) => {
// invalidate all other sessions
await this.invalidateSessions(userId)
const client = await redis.getSessionClient()
const sessionId = session.sessionId
if (!session.csrfToken) {
session.csrfToken = uuidv4()
}
session = {
createdAt: new Date().toISOString(),
lastAccessedAt: new Date().toISOString(),
...session,
userId,
}
await client.store(makeSessionID(userId, sessionId), session, EXPIRY_SECONDS)
}
exports.invalidateSessions = async (userId, sessionIds = null) => {
async function invalidateSessions(userId, sessionIds = null) {
let sessions = []
// If no sessionIds, get all the sessions for the user
@ -58,6 +40,24 @@ exports.invalidateSessions = async (userId, sessionIds = null) => {
await Promise.all(promises)
}
exports.createASession = async (userId, session) => {
// invalidate all other sessions
await invalidateSessions(userId)
const client = await redis.getSessionClient()
const sessionId = session.sessionId
if (!session.csrfToken) {
session.csrfToken = uuidv4()
}
session = {
createdAt: new Date().toISOString(),
lastAccessedAt: new Date().toISOString(),
...session,
userId,
}
await client.store(makeSessionID(userId, sessionId), session, EXPIRY_SECONDS)
}
exports.updateSessionTTL = async session => {
const client = await redis.getSessionClient()
const key = makeSessionID(session.userId, session.sessionId)
@ -70,8 +70,6 @@ exports.endSession = async (userId, sessionId) => {
await client.delete(makeSessionID(userId, sessionId))
}
exports.getUserSessions = getSessionsForUser
exports.getSession = async (userId, sessionId) => {
try {
const client = await redis.getSessionClient()
@ -87,3 +85,6 @@ exports.getAllSessions = async () => {
const sessions = await client.scan()
return sessions.map(session => session.value)
}
exports.getUserSessions = getSessionsForUser
exports.invalidateSessions = invalidateSessions