Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-22 14:49:43 +02:00
Code Issues Releases Activity

feat: Additional httpOnly token for enhanced security in browsers

Browse source
This commit is contained in:
Maksim Eltyshev 2024-09-01 09:31:04 +02:00
parent d4043c9726
commit 50519f1bcd
18 changed files with 171 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

12
server/api/controllers/access-tokens/delete.js
View file

@ -1,20 +1,22 @@
module.exports = {
async fn() {
const { accessToken } = this.req;
const { currentSession } = this.req;
await Session.updateOne({
accessToken,
id: currentSession.id,
deletedAt: null,
}).set({
deletedAt: new Date().toISOString(),
});
if (this.req.isSocket) {
sails.sockets.leaveAll(`@accessToken:${accessToken}`);
sails.sockets.leaveAll(`@accessToken:${currentSession.accessToken}`);
if (currentSession.httpOnlyToken && !this.req.isSocket) {
sails.helpers.utils.clearHttpOnlyTokenCookie(this.res);
}
return {
item: accessToken,
item: currentSession.accessToken,
};
},
};