starred/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-12-17 17:23:25 +03:00
Code Issues 418 Packages Projects Releases 12 Wiki Activity

feat: Invalidate access token on logout

Browse Source
This commit is contained in:
Maksim Eltyshev
2022-09-07 18:39:33 +05:00
parent 640908320a
commit 8109936ce2
26 changed files with 242 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server/api/controllers/users/update-password.js
View File

@@ -1,6 +1,8 @@
const bcrypt = require('bcrypt');
const zxcvbn = require('zxcvbn');
const { getRemoteAddress } = require('../../../utils/remoteAddress');
const Errors = {
USER_NOT_FOUND: {
userNotFound: 'User not found',
@@ -71,6 +73,13 @@ module.exports = {
if (user.id === currentUser.id) {
const accessToken = sails.helpers.utils.createToken(user.id, user.passwordUpdatedAt);
await Session.create({
accessToken,
userId: user.id,
remoteAddress: getRemoteAddress(this.req),
userAgent: this.req.headers['user-agent'],
});
return {
item: user,
included: {