Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

perf: change revokeSession to work with an array of sids

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2024-06-26 13:09:47 -04:00
parent 64875b3fae
commit 172bc2499e
1 changed files with 16 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/user/auth.js
View File

@@ -107,26 +107,28 @@ module.exports = function (User) {
db.sortedSetAdd(`uid:${uid}:sessions`, Date.now(), sessionId), db.sortedSetAdd(`uid:${uid}:sessions`, Date.now(), sessionId),
db.setObjectField(`uid:${uid}:sessionUUID:sessionId`, uuid, sessionId), db.setObjectField(`uid:${uid}:sessionUUID:sessionId`, uuid, sessionId),
]); ]);
await revokeSessionsAboveThreshold(uid, meta.config.maxUserSessions); await revokeSessionsAboveThreshold(uid);
}; };
async function revokeSessionsAboveThreshold(uid, maxUserSessions) { async function revokeSessionsAboveThreshold(uid) {
const activeSessions = await db.getSortedSetRange(`uid:${uid}:sessions`, 0, -1); const activeSessions = await db.getSortedSetRange(`uid:${uid}:sessions`, 0, -1);
if (activeSessions.length > maxUserSessions) { if (activeSessions.length > meta.config.maxUserSessions) {
const sessionsToRevoke = activeSessions.slice(0, activeSessions.length - maxUserSessions); const sessionsToRevoke = activeSessions.slice(0, activeSessions.length - meta.config.maxUserSessions);
await Promise.all(sessionsToRevoke.map(sessionId => User.auth.revokeSession(sessionId, uid))); await User.auth.revokeSession(sessionsToRevoke, uid);
} }
} }
User.auth.revokeSession = async function (sessionId, uid) { User.auth.revokeSession = async function (sessionIds, uid) {
winston.verbose(`[user.auth] Revoking session ${sessionId} for user ${uid}`); sessionIds = Array.isArray(sessionIds) ? sessionIds : [sessionIds];
const sessionObj = await db.sessionStoreGet(sessionId); const sessionObjs = await Promise.all(sessionIds.map(db.sessionStoreGet));
if (sessionObj && sessionObj.meta && sessionObj.meta.uuid) { const sidsToDestroy = sessionObjs.filter(Boolean).map((s, i) => sessionIds[i]);
await db.deleteObjectField(`uid:${uid}:sessionUUID:sessionId`, sessionObj.meta.uuid); const uuidsToDelete = sessionObjs.filter(s => s && s.meta && s.meta.uuid).map(s => s.meta.uuid);
} const destroySids = sids => Promise.all(sids.map(db.sessionStoreDestroy));
await Promise.all([ await Promise.all([
db.sortedSetRemove(`uid:${uid}:sessions`, sessionId), db.deleteObjectFields(`uid:${uid}:sessionUUID:sessionId`, uuidsToDelete),
db.sessionStoreDestroy(sessionId), db.sortedSetRemove(`uid:${uid}:sessions`, sessionIds),
destroySids(sidsToDestroy),
]); ]);
}; };
@@ -137,7 +139,7 @@ module.exports = function (User) {
uids.forEach((uid, index) => { uids.forEach((uid, index) => {
const ids = sids[index].filter(id => id !== except); const ids = sids[index].filter(id => id !== except);
if (ids.length) { if (ids.length) {
promises.push(ids.map(s => User.auth.revokeSession(s, uid))); promises.push(User.auth.revokeSession(ids, uid));
} }
}); });
await Promise.all(promises); await Promise.all(promises);