feat: Additional httpOnly token for enhanced security in browsers

Maksim Eltyshev
2024-09-01 09:31:04 +02:00
parent 4176a62f1a
commit 9699fbe76a
18 changed files with 171 additions and 48 deletions


@@ -1,20 +1,22 @@
module.exports = {
async fn() {
const { accessToken } = this.req;
const { currentSession } = this.req;
await Session.updateOne({
accessToken,
id: currentSession.id,
deletedAt: null,
}).set({
deletedAt: new Date().toISOString(),
});
if (this.req.isSocket) {
sails.sockets.leaveAll(`@accessToken:${accessToken}`);
sails.sockets.leaveAll(`@accessToken:${currentSession.accessToken}`);
if (currentSession.httpOnlyToken && !this.req.isSocket) {
sails.helpers.utils.clearHttpOnlyTokenCookie(this.res);
}
return {
item: accessToken,
item: currentSession.accessToken,
};
},
};
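Review bot: The new guard `if (currentSession.httpOnlyToken && !this.req.isSocket)` skips `clearHttpOnlyTokenCookie` when logout arrives over a socket, so on that path the browser keeps the httpOnly cookie. Invalidation then rests entirely on the `deletedAt` update above and on the authentication policy rejecting a token pair whose session is soft-deleted. That policy is not visible on this page, so it should be confirmed. I would record the intent next to the guard, for example `// Cookie is only cleared on HTTP responses; after a socket logout the stale cookie must be rejected server-side via deletedAt`. The action also dereferences `this.req.currentSession` without a check, which is safe only if the policy that sets it always runs before this action. The result of `Session.updateOne` is ignored, so a logout racing another deletion still returns the access token as if it had succeeded.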