Actively expire login sesssions and notify user

2025-03-01 10:36:34 +00:00 · 2018-12-11 11:32:12 +00:00
parent ea4d65ceee
commit 8c561e92c8
3 changed files with 67 additions and 25 deletions
--- a/packages/node_modules/@node-red/editor-api/lib/auth/tokens.js
+++ b/packages/node_modules/@node-red/editor-api/lib/auth/tokens.js
@@ -25,27 +25,39 @@ function generateToken(length) {


 var storage;
-
 var sessionExpiryTime
-
 var sessions = {};
-
 var loadedSessions = null;
-
 var apiAccessTokens;
+var sessionExpiryListeners = [];
+var expiryTimeout;

 function expireSessions() {
+    if (expiryTimeout) {
+        clearTimeout(expiryTimeout);
+        expiryTimeout = null;
+    }
+    var nextExpiry = Number.MAX_SAFE_INTEGER;
    var now = Date.now();
    var modified = false;
    for (var t in sessions) {
        if (sessions.hasOwnProperty(t)) {
            var session = sessions[t];
            if (!session.hasOwnProperty("expires") || session.expires < now) {
+                sessionExpiryListeners.forEach(listener => { listener(session) })
                delete sessions[t];
                modified = true;
+            } else {
+                if (session.expires < nextExpiry) {
+                    nextExpiry = session.expires;
+                }
            }
        }
    }
+    if (nextExpiry < Number.MAX_SAFE_INTEGER) {
+        // Allow 5 seconds grace
+        expiryTimeout = setTimeout(expireSessions,(nextExpiry - Date.now()) + 5000)
+    }
    if (modified) {
        return storage.saveSessions(sessions);
    } else {
@@ -65,6 +77,9 @@ function loadSessions() {
 module.exports = {
    init: function(adminAuthSettings, _storage) {
        storage = _storage;
+
+        sessionExpiryListeners = [];
+
        sessionExpiryTime = adminAuthSettings.sessionExpiryTime || 604800; // 1 week in seconds
        // At this point, storage will not have been initialised, so defer loading
        // the sessions until there's a request for them.
@@ -112,6 +127,11 @@ module.exports = {
                expires: accessTokenExpiresAt
            };
            sessions[accessToken] = session;
+
+            if (!expiryTimeout) {
+                expiryTimeout = setTimeout(expireSessions,(accessTokenExpiresAt - Date.now()) + 5000)
+            }
+
            return storage.saveSessions(sessions).then(function() {
                return {
                    accessToken: accessToken,
@@ -125,5 +145,8 @@ module.exports = {
            delete sessions[token];
            return storage.saveSessions(sessions);
        });
+    },
+    onSessionExpiry: function(callback) {
+        sessionExpiryListeners.push(callback);
    }
 }