From 00850e54b4591dfb2af377a8a0d52dff4520004a Mon Sep 17 00:00:00 2001 From: Tian Pan Date: Sat, 5 Feb 2022 23:59:48 -0800 Subject: [PATCH] update onefx-auth deps --- packages/onefx-auth/src/model/jwt-model.ts | 21 +++++++++++++++++---- packages/onefx-auth/src/onefx-auth.ts | 6 ++++++ 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/packages/onefx-auth/src/model/jwt-model.ts b/packages/onefx-auth/src/model/jwt-model.ts index 7173abc7..b5b13d72 100644 --- a/packages/onefx-auth/src/model/jwt-model.ts +++ b/packages/onefx-auth/src/model/jwt-model.ts @@ -1,11 +1,13 @@ -import jwt from "jsonwebtoken"; +import jwt, { Secret, VerifyOptions } from "jsonwebtoken"; import mongoose from "mongoose"; import { promisify } from "util"; const { Schema } = mongoose; const sign = promisify(jwt.sign); -const verify = promisify(jwt.verify); +const verify = promisify( + jwt.verify +); type Opts = { secret: string; @@ -80,10 +82,21 @@ export class JwtModel { ); } + async revokeOtherSessions(userId: string, token: string): Promise { + let decoded; + try { + decoded = await verify(token, this.secret, undefined); + } catch (e) { + return undefined; + } + await this.Model.deleteMany({ userId, _id: { $ne: decoded.jti } }); + return undefined; + } + public async revoke(token: string): Promise { let decoded; try { - decoded = (await verify(token, this.secret)) as AuthJwt; + decoded = (await verify(token, this.secret, undefined)) as AuthJwt; } catch (e) { return; } @@ -93,7 +106,7 @@ export class JwtModel { public async verify(token: string): Promise { let decoded: AuthJwt; try { - decoded = (await verify(token, this.secret)) as AuthJwt; + decoded = (await verify(token, this.secret, undefined)) as AuthJwt; } catch (e) { return ""; } diff --git a/packages/onefx-auth/src/onefx-auth.ts b/packages/onefx-auth/src/onefx-auth.ts index ce1dac86..4d39bf50 100644 --- a/packages/onefx-auth/src/onefx-auth.ts +++ b/packages/onefx-auth/src/onefx-auth.ts @@ -103,6 +103,12 @@ export class OnefxAuth { ctx.redirect(allowedLogoutNext(this.config, ctx.query.next)); }; + logoutOtherSessions = async (ctx: Context): Promise => { + const token = this.tokenFromCtx(ctx); + const { userId } = ctx.state; + await this.jwt.revokeOtherSessions(userId, token); + }; + public postAuthentication = async (ctx: Context): Promise => { if (!ctx.state.userId) { return;