fix: sessions from inactive providers can still be used (#1458)
* fix: sessions from inactive providers can still be used * fix(lint): dependency keys not sorted * chore: address pull request feedback
@@ -24,10 +24,12 @@
|
||||
"dependencies": {
|
||||
"@extractus/feed-extractor": "^7.1.3",
|
||||
"@homarr/analytics": "workspace:^0.1.0",
|
||||
"@homarr/auth": "workspace:^0.1.0",
|
||||
"@homarr/common": "workspace:^0.1.0",
|
||||
"@homarr/cron-job-status": "workspace:^0.1.0",
|
||||
"@homarr/cron-jobs-core": "workspace:^0.1.0",
|
||||
"@homarr/db": "workspace:^0.1.0",
|
||||
"@homarr/definitions": "workspace:^0.1.0",
|
||||
"@homarr/icons": "workspace:^0.1.0",
|
||||
"@homarr/integrations": "workspace:^0.1.0",
|
||||
"@homarr/log": "workspace:^0.1.0",
|
||||
|
||||
@@ -11,6 +11,7 @@ import { mediaServerJob } from "./jobs/integrations/media-server";
|
||||
import { pingJob } from "./jobs/ping";
|
||||
import type { RssFeed } from "./jobs/rss-feeds";
|
||||
import { rssFeedsJob } from "./jobs/rss-feeds";
|
||||
import { sessionCleanupJob } from "./jobs/session-cleanup";
|
||||
import { createCronJobGroup } from "./lib";
|
||||
|
||||
export const jobGroup = createCronJobGroup({
|
||||
@@ -26,6 +27,7 @@ export const jobGroup = createCronJobGroup({
|
||||
rssFeeds: rssFeedsJob,
|
||||
indexerManager: indexerManagerJob,
|
||||
healthMonitoring: healthMonitoringJob,
|
||||
sessionCleanup: sessionCleanupJob,
|
||||
});
|
||||
|
||||
export type JobGroupKeys = ReturnType<(typeof jobGroup)["getKeys"]>[number];
|
||||
|
||||
@@ -0,0 +1,38 @@
|
||||
import { env } from "@homarr/auth/env.mjs";
|
||||
import { NEVER } from "@homarr/cron-jobs-core/expressions";
|
||||
import { db, eq, inArray } from "@homarr/db";
|
||||
import { sessions, users } from "@homarr/db/schema/sqlite";
|
||||
import { supportedAuthProviders } from "@homarr/definitions";
|
||||
import { logger } from "@homarr/log";
|
||||
|
||||
import { createCronJob } from "../lib";
|
||||
|
||||
/**
|
||||
* Deletes sessions for users that have inactive auth providers.
|
||||
* Sessions from other providers are deleted so they can no longer be used.
|
||||
*/
|
||||
export const sessionCleanupJob = createCronJob("sessionCleanup", NEVER, {
|
||||
runOnStart: true,
|
||||
}).withCallback(async () => {
|
||||
const currentAuthProviders = env.AUTH_PROVIDERS;
|
||||
|
||||
const inactiveAuthProviders = supportedAuthProviders.filter((provider) => !currentAuthProviders.includes(provider));
|
||||
const subQuery = db
|
||||
.select({ id: users.id })
|
||||
.from(users)
|
||||
.where(inArray(users.provider, inactiveAuthProviders))
|
||||
.as("sq");
|
||||
const sessionsWithInactiveProviders = await db
|
||||
.select({ userId: sessions.userId })
|
||||
.from(sessions)
|
||||
.rightJoin(subQuery, eq(sessions.userId, subQuery.id));
|
||||
|
||||
const userIds = sessionsWithInactiveProviders.map(({ userId }) => userId).filter((value) => value !== null);
|
||||
await db.delete(sessions).where(inArray(sessions.userId, userIds));
|
||||
|
||||
if (sessionsWithInactiveProviders.length > 0) {
|
||||
logger.info(`Deleted sessions for inactive providers count=${userIds.length}`);
|
||||
} else {
|
||||
logger.debug("No sessions to delete");
|
||||
}
|
||||
});
|
||||
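Review bot: The `db.delete(sessions)` call runs unconditionally, so when every provider is active or nothing matches it is issued with an empty `userIds` list, and `inArray(users.provider, inactiveAuthProviders)` above can receive an empty list as well. Depending on the drizzle-orm version in use, an empty `inArray` either throws or compiles to an always-false predicate (worth confirming), and a throw here would leave the stale sessions usable. The `rightJoin` also returns a row with a null `userId` for each inactive-provider user that has no session, so `sessionsWithInactiveProviders.length > 0` can log a deletion with `count=0`. I would return early when `inactiveAuthProviders` is empty and fold the lookup into a single delete with a subquery and `returning`, logging from the returned rows. Because the job is scheduled `NEVER` with `runOnStart`, this is the only revocation point visible here, so it is worth confirming that session validation also checks the user's provider; that code is not part of this view.

```typescript
}).withCallback(async () => {
  const inactiveAuthProviders = supportedAuthProviders.filter((provider) => !env.AUTH_PROVIDERS.includes(provider));
  if (inactiveAuthProviders.length === 0) {
    logger.debug("No sessions to delete");
    return;
  }

  // Single statement: no id list passed back in, no empty inArray, no null rows from the join.
  const inactiveUserIds = db.select({ id: users.id }).from(users).where(inArray(users.provider, inactiveAuthProviders));
  const deleted = await db
    .delete(sessions)
    .where(inArray(sessions.userId, inactiveUserIds))
    .returning({ userId: sessions.userId });

  if (deleted.length > 0) {
    logger.info(`Deleted sessions for inactive providers count=${deleted.length}`);
  } else {
    logger.debug("No sessions to delete");
  }
});
```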