Reset multi_auth to initial state on error (#2007)
* Reset multi auth to initial state * Also check if next-auth.session-token exists --------- Co-authored-by: Keyan <34140557+huumn@users.noreply.github.com>
parent
8a6b825659
commit
ef8c738582
14
lib/auth.js
14
lib/auth.js
@ -92,7 +92,7 @@ function switchSessionCookie (request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async function checkMultiAuthCookies (req, res) {
|
async function checkMultiAuthCookies (req, res) {
|
||||||
if (!req.cookies[MULTI_AUTH_LIST] || !req.cookies[MULTI_AUTH_POINTER]) {
|
if (!req.cookies[MULTI_AUTH_LIST] || !req.cookies[MULTI_AUTH_POINTER] || !req.cookies[SESSION_COOKIE]) {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -116,15 +116,23 @@ async function checkMultiAuthCookies (req, res) {
|
|||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
function resetMultiAuthCookies (req, res) {
|
async function resetMultiAuthCookies (req, res) {
|
||||||
const httpOnlyOptions = cookieOptions({ expires: 0, maxAge: 0 })
|
const httpOnlyOptions = cookieOptions({ expires: 0, maxAge: 0 })
|
||||||
const jsOptions = { ...httpOnlyOptions, httpOnly: false }
|
const jsOptions = { ...httpOnlyOptions, httpOnly: false }
|
||||||
|
|
||||||
|
// remove all multi_auth cookies ...
|
||||||
for (const key of Object.keys(req.cookies)) {
|
for (const key of Object.keys(req.cookies)) {
|
||||||
if (!MULTI_AUTH_REGEXP.test(key)) continue
|
if (!MULTI_AUTH_REGEXP.test(key)) continue
|
||||||
const options = MULTI_AUTH_JWT_REGEXP.test(key) ? httpOnlyOptions : jsOptions
|
const options = MULTI_AUTH_JWT_REGEXP.test(key) ? httpOnlyOptions : jsOptions
|
||||||
res.appendHeader('Set-Cookie', cookie.serialize(key, '', options))
|
res.appendHeader('Set-Cookie', cookie.serialize(key, '', options))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ... and reset to initial state if they are logged in
|
||||||
|
const token = req.cookies[SESSION_COOKIE]
|
||||||
|
if (!token) return
|
||||||
|
|
||||||
|
const decoded = await decodeJWT({ token, secret: process.env.NEXTAUTH_SECRET })
|
||||||
|
setMultiAuthCookies(req, res, { ...decoded, jwt: token })
|
||||||
}
|
}
|
||||||
|
|
||||||
async function refreshMultiAuthCookies (req, res) {
|
async function refreshMultiAuthCookies (req, res) {
|
||||||
@ -170,7 +178,7 @@ export async function multiAuthMiddleware (req, res) {
|
|||||||
|
|
||||||
const ok = await checkMultiAuthCookies(req, res)
|
const ok = await checkMultiAuthCookies(req, res)
|
||||||
if (!ok) {
|
if (!ok) {
|
||||||
resetMultiAuthCookies(req, res)
|
await resetMultiAuthCookies(req, res)
|
||||||
return switchSessionCookie(req)
|
return switchSessionCookie(req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
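Review bot: In the new tail of `resetMultiAuthCookies`, `await decodeJWT(...)` has no failure handling, yet the function only runs after `checkMultiAuthCookies` has reported inconsistent cookie state, which is when a stale or malformed session cookie is most likely. If `decodeJWT` rejects, the error propagates through the now-awaited call in `multiAuthMiddleware`; if it resolves to a nullish value, `setMultiAuthCookies` receives `{ jwt: token }` with no user claims. Which of the two happens depends on `decodeJWT`, whose definition is not on this page. I would treat a failed decode as logged out: `const decoded = await decodeJWT({ token, secret: process.env.NEXTAUTH_SECRET }).catch(() => null)` followed by `if (!decoded) return`, so the multi_auth cookies stay cleared rather than being rebuilt from a token that did not verify. The body of `multiAuthMiddleware` continues outside the last hunk, so how it handles a rejection cannot be confirmed from here.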