feat: Automatic logout when session expires

Closes #693
2025-07-18 12:49:43 +02:00 · 2024-04-09 15:12:46 +02:00 · 2024-04-09 15:12:46 +02:00 · 4fe77c305c
commit 4fe77c305c
parent 7273b33768
15 changed files with 130 additions and 42 deletions
--- a/server/api/controllers/access-tokens/delete.js
+++ b/server/api/controllers/access-tokens/delete.js
@ -9,6 +9,10 @@ module.exports = {
      deletedAt: new Date().toISOString(),
    });

+    if (this.req.isSocket) {
+      sails.sockets.leaveAll(`@accessToken:${accessToken}`);
+    }
+
    return {
      item: accessToken,
    };
--- a/server/api/hooks/current-user/index.js
+++ b/server/api/hooks/current-user/index.js
@ -61,6 +61,7 @@ module.exports = function defineCurrentUserHook(sails) {
                });

                if (req.isSocket) {
+                  sails.sockets.join(req, `@accessToken:${accessToken}`);
                  sails.sockets.join(req, `@user:${currentUser.id}`);
                }
              }
--- a/server/api/hooks/oidc/index.js
+++ b/server/api/hooks/oidc/index.js
@ -1,6 +1,14 @@
 const openidClient = require('openid-client');

-module.exports = function oidcServiceHook(sails) {
+/**
+ * oidc hook
+ *
+ * @description :: A hook definition. Extends Sails by adding shadow routes, implicit actions,
+ *                 and/or initialization logic.
+ * @docs        :: https://sailsjs.com/docs/concepts/extending-sails/hooks
+ */
+
+module.exports = function defineOidcHook(sails) {
  let client = null;

  return {
@ -9,17 +17,20 @@ module.exports = function oidcServiceHook(sails) {
     */

    async initialize() {
-      if (sails.config.custom.oidcIssuer) {
-        const issuer = await openidClient.Issuer.discover(sails.config.custom.oidcIssuer);
-
-        client = new issuer.Client({
-          client_id: sails.config.custom.oidcClientId,
-          client_secret: sails.config.custom.oidcClientSecret,
-          redirect_uris: [sails.config.custom.oidcRedirectUri],
-          response_types: ['code'],
-        });
-        sails.log.info('OIDC hook has been loaded successfully');
+      if (!sails.config.custom.oidcIssuer) {
+        return;
      }
+
+      sails.log.info('Initializing custom hook (`oidc`)');
+
+      const issuer = await openidClient.Issuer.discover(sails.config.custom.oidcIssuer);
+
+      client = new issuer.Client({
+        client_id: sails.config.custom.oidcClientId,
+        client_secret: sails.config.custom.oidcClientSecret,
+        redirect_uris: [sails.config.custom.oidcRedirectUri],
+        response_types: ['code'],
+      });
    },

    getClient() {
--- a/server/api/hooks/smtp/index.js
+++ b/server/api/hooks/smtp/index.js
@ -1,6 +1,14 @@
 const nodemailer = require('nodemailer');

-module.exports = function smtpServiceHook(sails) {
+/**
+ * smtp hook
+ *
+ * @description :: A hook definition. Extends Sails by adding shadow routes, implicit actions,
+ *                 and/or initialization logic.
+ * @docs        :: https://sailsjs.com/docs/concepts/extending-sails/hooks
+ */
+
+module.exports = function defineSmtpHook(sails) {
  let transporter = null;

  return {
@ -9,19 +17,22 @@ module.exports = function smtpServiceHook(sails) {
     */

    async initialize() {
-      if (sails.config.custom.smtpHost) {
-        transporter = nodemailer.createTransport({
-          pool: true,
-          host: sails.config.custom.smtpHost,
-          port: sails.config.custom.smtpPort,
-          secure: sails.config.custom.smtpSecure,
-          auth: sails.config.custom.smtpUser && {
-            user: sails.config.custom.smtpUser,
-            pass: sails.config.custom.smtpPassword,
-          },
-        });
-        sails.log.info('SMTP hook has been loaded successfully');
+      if (!sails.config.custom.smtpHost) {
+        return;
      }
+
+      sails.log.info('Initializing custom hook (`smtp`)');
+
+      transporter = nodemailer.createTransport({
+        pool: true,
+        host: sails.config.custom.smtpHost,
+        port: sails.config.custom.smtpPort,
+        secure: sails.config.custom.smtpSecure,
+        auth: sails.config.custom.smtpUser && {
+          user: sails.config.custom.smtpUser,
+          pass: sails.config.custom.smtpPassword,
+        },
+      });
    },

    getTransporter() {
--- a/server/api/hooks/watcher/index.js
+++ b/server/api/hooks/watcher/index.js
@ -0,0 +1,38 @@
+/**
+ * watcher hook
+ *
+ * @description :: A hook definition. Extends Sails by adding shadow routes, implicit actions,
+ *                 and/or initialization logic.
+ * @docs        :: https://sailsjs.com/docs/concepts/extending-sails/hooks
+ */
+
+module.exports = function defineWatcherHook(sails) {
+  const checkSocketConnectionsToLogout = () => {
+    Object.keys(sails.io.sockets.adapter.rooms).forEach((room) => {
+      if (!room.startsWith('@accessToken:')) {
+        return;
+      }
+
+      const accessToken = room.split(':')[1];
+
+      try {
+        sails.helpers.utils.verifyToken(accessToken);
+      } catch (error) {
+        sails.sockets.broadcast(room, 'logout');
+        sails.sockets.leaveAll(room);
+      }
+    });
+  };
+
+  return {
+    /**
+     * Runs when this Sails app loads/lifts.
+     */
+
+    async initialize() {
+      sails.log.info('Initializing custom hook (`watcher`)');
+
+      setInterval(checkSocketConnectionsToLogout, 60 * 1000);
+    },
+  };
+};