From fe17ffffb69748d3c47ded0a21cdd2aaa7124fc9 Mon Sep 17 00:00:00 2001 From: Rory Powell Date: Mon, 8 Aug 2022 09:34:45 +0100 Subject: [PATCH] Bulk session wipe fix + logging --- packages/backend-core/src/security/sessions.ts | 4 ++++ .../backend-core/src/security/tests/sessions.spec.ts | 12 ++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 packages/backend-core/src/security/tests/sessions.spec.ts diff --git a/packages/backend-core/src/security/sessions.ts b/packages/backend-core/src/security/sessions.ts index 39d24ee16a..284adbcd1f 100644 --- a/packages/backend-core/src/security/sessions.ts +++ b/packages/backend-core/src/security/sessions.ts @@ -23,6 +23,10 @@ function makeSessionID(userId: string, sessionId: string) { } export async function getSessionsForUser(userId: string) { + if (!userId) { + console.trace("Cannot get sessions for undefined userId") + return [] + } const client = await redis.getSessionClient() const sessions = await client.scan(userId) return sessions.map((session: Session) => session.value) diff --git a/packages/backend-core/src/security/tests/sessions.spec.ts b/packages/backend-core/src/security/tests/sessions.spec.ts new file mode 100644 index 0000000000..7f01bdcdb7 --- /dev/null +++ b/packages/backend-core/src/security/tests/sessions.spec.ts @@ -0,0 +1,12 @@ +import * as sessions from "../sessions" + +describe("sessions", () => { + describe("getSessionsForUser", () => { + it("returns empty when user is undefined", async () => { + // @ts-ignore - allow the undefined to be passed + const results = await sessions.getSessionsForUser(undefined) + + expect(results).toStrictEqual([]) + }) + }) +})