platform logout function

Martin McKeaveney 2021-10-12 19:49:34 +01:00
parent b38704978a
commit af7bddcf22
3 changed files with 25 additions and 12 deletions


@ -243,19 +243,26 @@ exports.saveUser = async (
/** /**
* Logs a user out from budibase. Re-used across account portal and builder. * Logs a user out from budibase. Re-used across account portal and builder.
*/ */
exports.logout = async ({ ctx, userId, sessionId, keepActiveSession }) => { exports.platformLogout = async ({
ctx,
userId,
sessionId,
keepActiveSession,
}) => {
let sessions = await getSessionsForUser(userId) let sessions = await getSessionsForUser(userId)
if (keepActiveSession) { if (keepActiveSession) {
sessions = sessions.filter(session => session.sessionId !== sessionId) sessions = sessions.filter(session => session.sessionId !== sessionId)
} else {
if (ctx) {
// clear cookies
this.clearCookie(ctx, Cookies.Auth)
this.clearCookie(ctx, Cookies.CurrentApp)
}
} }
await invalidateSessions( await invalidateSessions(
userId, userId,
sessions.map(({ sessionId }) => sessionId) sessions.map(({ sessionId }) => sessionId)
) )
// clear cookies
this.clearCookie(ctx, Cookies.Auth)
this.clearCookie(ctx, Cookies.CurrentApp)
} }
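Review bot: The doc comment on `platformLogout` still says only that it logs a user out, while the new body has two different modes that callers need to tell apart. Without `keepActiveSession` it invalidates every session returned by `getSessionsForUser(userId)` and clears the cookies only when `ctx` is passed; with `keepActiveSession` it depends on `sessionId` being set, and an undefined `sessionId` filters nothing out, so the caller's own session is invalidated too while its cookies stay in place. I would document the four parameters in the JSDoc, for example `@param {string} [sessionId] - session to keep; required when keepActiveSession is true`, and consider rejecting the call when `keepActiveSession` is set without a `sessionId`. In the else branch the cookies are now cleared before `invalidateSessions` has succeeded; running the server-side invalidation first may keep a failed call from looking like a completed logout.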


@ -14,7 +14,7 @@ const {
isMultiTenant, isMultiTenant,
} = require("@budibase/auth/tenancy") } = require("@budibase/auth/tenancy")
const env = require("../../../environment") const env = require("../../../environment")
const { endSession } = require("../../../../../auth/sessions") const { platformLogout } = require("../../../../../auth/src/utils")
function googleCallbackUrl(config) { function googleCallbackUrl(config) {
// incase there is a callback URL from before // incase there is a callback URL from before
@ -122,10 +122,7 @@ exports.resetUpdate = async ctx => {
} }
exports.logout = async ctx => { exports.logout = async ctx => {
const authCookie = getCookie(ctx, Cookies.Auth) await platformLogout({ ctx, userId: ctx.user._id })
clearCookie(ctx, Cookies.Auth)
clearCookie(ctx, Cookies.CurrentApp)
await endSession(authCookie.sessionId)
ctx.body = { message: "User logged out." } ctx.body = { message: "User logged out." }
} }
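Review bot: `exports.logout` now calls `platformLogout({ ctx, userId: ctx.user._id })` without `keepActiveSession`, which, as far as the helper's new body in this commit shows, invalidates every session of the user, where the removed lines ended only the session named in the auth cookie. If signing out everywhere is intended, say so next to the call, e.g. `// ends all sessions for this user, not only the current one`, because it changes what the same user sees on other devices. The handler also dereferences `ctx.user._id`; whether this route always runs behind the authentication middleware is not visible here, so a guard or a comment stating that assumption would help. The helper is imported by a relative path into the package source (`../../../../../auth/src/utils`), while the third file in this commit takes it from `require("@budibase/auth").utils`; using the package entry point in both places keeps the controllers on one import path.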


@ -3,7 +3,9 @@ const {
StaticDatabases, StaticDatabases,
generateNewUsageQuotaDoc, generateNewUsageQuotaDoc,
} = require("@budibase/auth/db") } = require("@budibase/auth/db")
const { hash, getGlobalUserByEmail, saveUser } = require("@budibase/auth").utils const { hash, getGlobalUserByEmail, saveUser, platformLogout, getCookie } =
require("@budibase/auth").utils
const { Cookies } = require("@budibase/auth").constants
const { EmailTemplatePurpose } = require("../../../constants") const { EmailTemplatePurpose } = require("../../../constants")
const { checkInviteCode } = require("../../../utilities/redis") const { checkInviteCode } = require("../../../utilities/redis")
const { sendEmail } = require("../../../utilities/email") const { sendEmail } = require("../../../utilities/email")
@ -175,7 +177,14 @@ exports.updateSelf = async ctx => {
if (ctx.request.body.password) { if (ctx.request.body.password) {
// changing password // changing password
ctx.request.body.password = await hash(ctx.request.body.password) ctx.request.body.password = await hash(ctx.request.body.password)
await invalidateSessions(ctx.user._id) // Log all other sessions out apart from the current one
const authCookie = getCookie(ctx, Cookies.Auth)
await platformLogout({
ctx,
userId: ctx.user._id,
sessionId: authCookie.sessionId,
keepActiveSession: true,
})
} }
// don't allow sending up an ID/Rev, always use the existing one // don't allow sending up an ID/Rev, always use the existing one
delete ctx.request.body._id delete ctx.request.body._id
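Review bot: `authCookie.sessionId` is read without checking that `getCookie(ctx, Cookies.Auth)` returned a value, so a password change on a request that carries no auth cookie (if any other authentication path can reach `updateSelf`; not visible here) would throw before the new password is stored. Passing `sessionId: authCookie && authCookie.sessionId` lets `platformLogout` fall back to invalidating every session, which is the safe direction for a password change. `updateSelf` continues past the hunk, so the save itself is not shown; the other sessions are invalidated before it, and invalidating after the new hash is persisted would close the window in which the old password can still open a fresh session.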