platform logout function
This commit is contained in:
parent
2674f1992f
commit
3f279d8d0f
|
@ -243,19 +243,26 @@ exports.saveUser = async (
|
|||
/**
|
||||
* Logs a user out from budibase. Re-used across account portal and builder.
|
||||
*/
|
||||
exports.logout = async ({ ctx, userId, sessionId, keepActiveSession }) => {
|
||||
exports.platformLogout = async ({
|
||||
ctx,
|
||||
userId,
|
||||
sessionId,
|
||||
keepActiveSession,
|
||||
}) => {
|
||||
let sessions = await getSessionsForUser(userId)
|
||||
|
||||
if (keepActiveSession) {
|
||||
sessions = sessions.filter(session => session.sessionId !== sessionId)
|
||||
} else {
|
||||
if (ctx) {
|
||||
// clear cookies
|
||||
this.clearCookie(ctx, Cookies.Auth)
|
||||
this.clearCookie(ctx, Cookies.CurrentApp)
|
||||
}
|
||||
}
|
||||
|
||||
await invalidateSessions(
|
||||
userId,
|
||||
sessions.map(({ sessionId }) => sessionId)
|
||||
)
|
||||
|
||||
// clear cookies
|
||||
this.clearCookie(ctx, Cookies.Auth)
|
||||
this.clearCookie(ctx, Cookies.CurrentApp)
|
||||
}
|
||||
|
|
|
@ -14,7 +14,7 @@ const {
|
|||
isMultiTenant,
|
||||
} = require("@budibase/auth/tenancy")
|
||||
const env = require("../../../environment")
|
||||
const { endSession } = require("../../../../../auth/sessions")
|
||||
const { platformLogout } = require("../../../../../auth/src/utils")
|
||||
|
||||
function googleCallbackUrl(config) {
|
||||
// incase there is a callback URL from before
|
||||
|
@ -122,10 +122,7 @@ exports.resetUpdate = async ctx => {
|
|||
}
|
||||
|
||||
exports.logout = async ctx => {
|
||||
const authCookie = getCookie(ctx, Cookies.Auth)
|
||||
clearCookie(ctx, Cookies.Auth)
|
||||
clearCookie(ctx, Cookies.CurrentApp)
|
||||
await endSession(authCookie.sessionId)
|
||||
await platformLogout({ ctx, userId: ctx.user._id })
|
||||
ctx.body = { message: "User logged out." }
|
||||
}
|
||||
|
||||
|
|
|
@ -3,7 +3,9 @@ const {
|
|||
StaticDatabases,
|
||||
generateNewUsageQuotaDoc,
|
||||
} = require("@budibase/auth/db")
|
||||
const { hash, getGlobalUserByEmail, saveUser } = require("@budibase/auth").utils
|
||||
const { hash, getGlobalUserByEmail, saveUser, platformLogout, getCookie } =
|
||||
require("@budibase/auth").utils
|
||||
const { Cookies } = require("@budibase/auth").constants
|
||||
const { EmailTemplatePurpose } = require("../../../constants")
|
||||
const { checkInviteCode } = require("../../../utilities/redis")
|
||||
const { sendEmail } = require("../../../utilities/email")
|
||||
|
@ -175,7 +177,14 @@ exports.updateSelf = async ctx => {
|
|||
if (ctx.request.body.password) {
|
||||
// changing password
|
||||
ctx.request.body.password = await hash(ctx.request.body.password)
|
||||
await invalidateSessions(ctx.user._id)
|
||||
// Log all other sessions out apart from the current one
|
||||
const authCookie = getCookie(ctx, Cookies.Auth)
|
||||
await platformLogout({
|
||||
ctx,
|
||||
userId: ctx.user._id,
|
||||
sessionId: authCookie.sessionId,
|
||||
keepActiveSession: true,
|
||||
})
|
||||
}
|
||||
// don't allow sending up an ID/Rev, always use the existing one
|
||||
delete ctx.request.body._id
|
||||
|
|
Loading…
Reference in New Issue