pw revision

Bastian Wagner
2024-09-12 13:47:56 +02:00
parent ec29f8d4b1
commit abd623f2ca
2 changed files with 11 additions and 0 deletions


@@ -5,9 +5,11 @@ import {
DataSource, DataSource,
Repository, Repository,
CreateDateColumn, CreateDateColumn,
Column,
} from 'typeorm'; } from 'typeorm';
import { User } from './user.entity'; import { User } from './user.entity';
import { Injectable } from '@nestjs/common'; import { Injectable } from '@nestjs/common';
import { Exclude } from 'class-transformer';
@Entity() @Entity()
export class SessionKey { export class SessionKey {
@@ -17,6 +19,10 @@ export class SessionKey {
@ManyToOne(() => User, (user) => user.sessionKeys, { eager: true }) @ManyToOne(() => User, (user) => user.sessionKeys, { eager: true })
user: User; user: User;
@Exclude()
@Column()
pwRevision?: number;
@CreateDateColumn() @CreateDateColumn()
createdAt: Date; createdAt: Date;
} }
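Review bot: The new `pwRevision` field is declared with a bare `@Column()`, which TypeORM creates as NOT NULL, while the property itself is typed optional (`pwRevision?: number`). Session rows that exist before this change have no value for it, so applying the schema change may fail or need a backfill, depending on how the schema is migrated. If sessions created before this change should count as revoked, `@Column({ nullable: true })` states that explicitly and keeps the type and the column in agreement. A short comment such as `// password revision of the user at login; a mismatch invalidates the session` would document why the field exists and why it is excluded from serialization.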


@@ -81,6 +81,7 @@ export class UsersService {
const s = this.sessionRepo.create({ const s = this.sessionRepo.create({
user, user,
pwRevision: user.pwRevision,
}); });
const session = await this.sessionRepo.save(s); const session = await this.sessionRepo.save(s);
this.activityRepo.logLogin(); this.activityRepo.logLogin();
@@ -125,6 +126,10 @@ export class UsersService {
throw new HttpException('User is not active', 401); throw new HttpException('User is not active', 401);
} }
if (user.pwRevision != session.pwRevision) {
throw new HttpException('Invalid session key', 401);
}
if (getUserAccessToken) { if (getUserAccessToken) {
user.accessToken = this.createAccessToken(user); user.accessToken = this.createAccessToken(user);
user.refreshToken = this.createRefreshToken(user); user.refreshToken = this.createRefreshToken(user);
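Review bot: The revision check `if (user.pwRevision != session.pwRevision)` uses loose inequality, so `null` and `undefined` compare as equal and a session with no stored revision is accepted whenever the user's revision is also unset. A strict comparison that fails closed on a missing value, e.g. `if (session.pwRevision == null || user.pwRevision !== session.pwRevision)`, avoids that. The rejected session row also appears to stay in the table; removing it here would stop revoked keys from accumulating, though the rest of the method lies outside the hunk. The check only revokes sessions if `user.pwRevision` is incremented on every password change and reset, which this commit does not show.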