Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-12-21 07:50:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

closes #4054

Browse Source
This commit is contained in:
barisusakli
2016-01-19 18:41:38 +02:00
parent 5a92b1a5cf
commit 089ea75cea
2 changed files with 31 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
src/controllers/accounts/session.js
View File

@@ -1,9 +1,9 @@
'use strict';
var async = require('async'),
var async = require('async');
user = require('../../user'),
db = require('../../database');
var db = require('../../database');
var user = require('../../user');
var sessionController = {};
@@ -15,21 +15,30 @@ sessionController.revoke = function(req, res, next) {
var _id;
async.waterfall([
async.apply(db.getObjectField, 'uid:' + req.uid + ':sessionUUID:sessionId', req.params.uuid),
function(sessionId, next) {
if (!sessionId) {
function (next) {
db.getSortedSetRange('uid:' + req.uid + ':sessions', 0, -1, next);
},
function (sids, done) {
async.eachSeries(sids, function(sid, next) {
db.sessionStore.get(sid, function(err, sessionObj) {
if (err) {
return next(err);
}
if (sessionObj && sessionObj.meta && sessionObj.meta.uuid === req.params.uuid) {
_id = sid;
done();
} else {
next();
}
});
}, next);
},
function (next) {
if (!_id) {
return next(new Error('[[error:no-session-found]]'));
}
_id = sessionId;
db.isSortedSetMember('uid:' + req.uid + ':sessions', sessionId, next)
},
function(isMember, next) {
if (isMember) {
user.auth.revokeSession(_id, req.uid, next);
} else {
next(new Error('[[error:no-session-found]]'));
}
}
], function(err) {
if (err) {

8
src/user/auth.js
View File

@@ -87,16 +87,16 @@ module.exports = function(User) {
expired;
sessions = sessions.filter(function(sessionObj, idx) {
expired = !sessionObj || !sessionObj.hasOwnProperty('passport')
|| !sessionObj.passport.hasOwnProperty('user')
|| parseInt(sessionObj.passport.user, 10) !== parseInt(uid, 10);
expired = !sessionObj || !sessionObj.hasOwnProperty('passport') ||
!sessionObj.passport.hasOwnProperty('user') ||
parseInt(sessionObj.passport.user, 10) !== parseInt(uid, 10);
if (expired) {
expiredSids.push(_sids[idx]);
}
return !expired;
}, [])
});
async.each(expiredSids, function(sid, next) {
User.auth.revokeSession(sid, uid, next);