From 74c74d78f29f2fa18a85253f4c2e939dddaf6e40 Mon Sep 17 00:00:00 2001 From: Martin McKeaveney Date: Wed, 13 Oct 2021 12:26:26 +0100 Subject: [PATCH] encapsulate global logout function --- packages/auth/src/utils.js | 22 +++++++++---------- .../src/api/controllers/global/users.js | 5 +---- 2 files changed, 11 insertions(+), 16 deletions(-) diff --git a/packages/auth/src/utils.js b/packages/auth/src/utils.js index 2f24657ed3..823fd06322 100644 --- a/packages/auth/src/utils.js +++ b/packages/auth/src/utils.js @@ -240,22 +240,20 @@ exports.saveUser = async ( /** * Logs a user out from budibase. Re-used across account portal and builder. */ -exports.platformLogout = async ({ - ctx, - userId, - sessionId, - keepActiveSession, -}) => { +exports.platformLogout = async ({ ctx, userId, keepActiveSession }) => { + if (!ctx) throw new Error("Koa context must be supplied to logout.") + + const currentSession = this.getCookie(ctx, Cookies.Auth) let sessions = await getUserSessions(userId) if (keepActiveSession) { - sessions = sessions.filter(session => session.sessionId !== sessionId) + sessions = sessions.filter( + session => session.sessionId !== currentSession.sessionId + ) } else { - if (ctx) { - // clear cookies - this.clearCookie(ctx, Cookies.Auth) - this.clearCookie(ctx, Cookies.CurrentApp) - } + // clear cookies + this.clearCookie(ctx, Cookies.Auth) + this.clearCookie(ctx, Cookies.CurrentApp) } await invalidateSessions( diff --git a/packages/worker/src/api/controllers/global/users.js b/packages/worker/src/api/controllers/global/users.js index 0e50a9fcd0..ed70d6122e 100644 --- a/packages/worker/src/api/controllers/global/users.js +++ b/packages/worker/src/api/controllers/global/users.js @@ -3,9 +3,8 @@ const { StaticDatabases, generateNewUsageQuotaDoc, } = require("@budibase/auth/db") -const { hash, getGlobalUserByEmail, saveUser, platformLogout, getCookie } = +const { hash, getGlobalUserByEmail, saveUser, platformLogout } = require("@budibase/auth").utils -const { Cookies } = require("@budibase/auth").constants const { EmailTemplatePurpose } = require("../../../constants") const { checkInviteCode } = require("../../../utilities/redis") const { sendEmail } = require("../../../utilities/email") @@ -178,11 +177,9 @@ exports.updateSelf = async ctx => { // changing password ctx.request.body.password = await hash(ctx.request.body.password) // Log all other sessions out apart from the current one - const authCookie = getCookie(ctx, Cookies.Auth) await platformLogout({ ctx, userId: ctx.user._id, - sessionId: authCookie.sessionId, keepActiveSession: true, }) }