mirror of
https://github.com/advplyr/audiobookshelf.git
synced 2026-07-05 17:01:34 +00:00
Fix: grace period enable statement
This commit is contained in:
parent
077b523bd6
commit
cfeb6bd502
1 changed files with 4 additions and 4 deletions
|
|
@ -183,15 +183,15 @@ class TokenManager {
|
||||||
* @param {import('../models/User')} user
|
* @param {import('../models/User')} user
|
||||||
* @param {import('express').Request} req
|
* @param {import('express').Request} req
|
||||||
* @param {import('express').Response} res
|
* @param {import('express').Response} res
|
||||||
* @param {boolean} noGracePeriod - whether to skip the grace period
|
* @param {boolean} gracePeriod - whether to use the grace period
|
||||||
* @returns {Promise<{ accessToken:string, refreshToken:string }>}
|
* @returns {Promise<{ accessToken:string, refreshToken:string }>}
|
||||||
*/
|
*/
|
||||||
async rotateTokensForSession(session, user, req, res, noGracePeriod = false) {
|
async rotateTokensForSession(session, user, req, res, gracePeriod = true) {
|
||||||
// Generate new tokens
|
// Generate new tokens
|
||||||
const newAccessToken = this.generateTempAccessToken(user)
|
const newAccessToken = this.generateTempAccessToken(user)
|
||||||
let newRefreshToken = this.generateRefreshToken(user)
|
let newRefreshToken = this.generateRefreshToken(user)
|
||||||
|
|
||||||
if (noGracePeriod) {
|
if (gracePeriod) {
|
||||||
// Set grace period of old refresh token in case of race condition in token rotation.
|
// Set grace period of old refresh token in case of race condition in token rotation.
|
||||||
// This grace period may need to be longer if fetching the user data takes longer due to large progress objects
|
// This grace period may need to be longer if fetching the user data takes longer due to large progress objects
|
||||||
session.lastRefreshToken = session.refreshToken
|
session.lastRefreshToken = session.refreshToken
|
||||||
|
|
@ -423,7 +423,7 @@ class TokenManager {
|
||||||
// So rotate token for current session
|
// So rotate token for current session
|
||||||
const currentSession = await Database.sessionModel.findOne({ where: { refreshToken: currentRefreshToken } })
|
const currentSession = await Database.sessionModel.findOne({ where: { refreshToken: currentRefreshToken } })
|
||||||
if (currentSession) {
|
if (currentSession) {
|
||||||
const newTokens = await this.rotateTokensForSession(currentSession, user, req, res, true)
|
const newTokens = await this.rotateTokensForSession(currentSession, user, req, res, false)
|
||||||
|
|
||||||
// Invalidate all sessions for the user except the current one
|
// Invalidate all sessions for the user except the current one
|
||||||
await Database.sessionModel.destroy({
|
await Database.sessionModel.destroy({
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue