diff --git a/packages/server/src/enterprise/middleware/passport/index.ts b/packages/server/src/enterprise/middleware/passport/index.ts
index e5cd8cb79..3055b7885 100644
--- a/packages/server/src/enterprise/middleware/passport/index.ts
+++ b/packages/server/src/enterprise/middleware/passport/index.ts
@@ -259,11 +259,18 @@ export const initializeJwtCookieMiddleware = async (app: express.Application, id
 if (identityManager.isEnterprise() && !identityManager.isLicenseValid()) {
 return res.status(401).json({ redirectUrl: '/license-expired' })
 }
- req.login(user, { session: true }, async (error) => {
- if (error) {
- return next ? next(error) : res.status(401).json(error)
+
+ req.session.regenerate((regenerateErr) => {
+ if (regenerateErr) {
+ return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
 }
- return setTokenOrCookies(res, user, true, req)
+
+ req.login(user, { session: true }, async (error) => {
+ if (error) {
+ return next ? next(error) : res.status(401).json(error)
+ }
+ return setTokenOrCookies(res, user, true, req)
+ })
 })
 } catch (error: any) {
 return next ? next(error) : res.status(401).json(error)
diff --git a/packages/server/src/enterprise/sso/Auth0SSO.ts b/packages/server/src/enterprise/sso/Auth0SSO.ts
index d338feede..07a551f06 100644
--- a/packages/server/src/enterprise/sso/Auth0SSO.ts
+++ b/packages/server/src/enterprise/sso/Auth0SSO.ts
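Review bot: If `req.session` is not present on this request, the new `req.session.regenerate(...)` call throws a TypeError synchronously, and the visible `catch (error: any)` turns that into `res.status(401).json(error)` with the raw error object rather than the 500 the regenerate branch intends; a guard ahead of the call keeps the two paths apart, e.g. `if (!req.session) return next ? next(new Error('Session unavailable')) : res.status(500).json({ message: 'Session unavailable' })`. Regeneration also discards whatever the pre-login session held, so confirm nothing after `setTokenOrCookies(res, user, true, req)` reads state a prior step stored on `req.session`; if something does, copy it across inside the callback before `req.login`. If the project's passport is 0.6 or later, `req.login` with `session: true` already regenerates the session unless `keepSessionInfo` is set, making this a second store round-trip — a one-line comment such as `// explicit regenerate: do not rely on passport's own session rotation` would record that the duplication is deliberate. The enclosing try block and the callback it sits in start outside the hunk.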
@@ -92,9 +92,16 @@ class Auth0SSO extends SSOBase {
 }
 return next ? next(err) : res.status(401).json(err)
 }
- req.login(user, { session: true }, async (error) => {
- if (error) return next ? next(error) : res.status(401).json(error)
- return setTokenOrCookies(res, user, true, req, true, true)
+
+ req.session.regenerate((regenerateErr) => {
+ if (regenerateErr) {
+ return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
+ }
+
+ req.login(user, { session: true }, async (error) => {
+ if (error) return next ? next(error) : res.status(401).json(error)
+ return setTokenOrCookies(res, user, true, req, true, true)
+ })
 })
 } catch (error) {
 return next ? next(error) : res.status(401).json(error)
diff --git a/packages/server/src/enterprise/sso/AzureSSO.ts b/packages/server/src/enterprise/sso/AzureSSO.ts
index 4e5781f50..35c6d744f 100644
--- a/packages/server/src/enterprise/sso/AzureSSO.ts
+++ b/packages/server/src/enterprise/sso/AzureSSO.ts
@@ -48,9 +48,16 @@ class AzureSSO extends SSOBase {
 }
 return next ? next(err) : res.status(401).json(err)
 }
- req.login(user, { session: true }, async (error) => {
- if (error) return next ? next(error) : res.status(401).json(error)
- return setTokenOrCookies(res, user, true, req, true, true)
+
+ req.session.regenerate((regenerateErr) => {
+ if (regenerateErr) {
+ return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
+ }
+
+ req.login(user, { session: true }, async (error) => {
+ if (error) return next ? next(error) : res.status(401).json(error)
+ return setTokenOrCookies(res, user, true, req, true, true)
+ })
 })
 } catch (error) {
 return next ? next(error) : res.status(401).json(error)
diff --git a/packages/server/src/enterprise/sso/GithubSSO.ts b/packages/server/src/enterprise/sso/GithubSSO.ts
index 11f5ad234..f52745ab0 100644
--- a/packages/server/src/enterprise/sso/GithubSSO.ts
+++ b/packages/server/src/enterprise/sso/GithubSSO.ts
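Review bot: The regenerate-then-login block added here is repeated verbatim in the AzureSSO, GithubSSO and GoogleSSO hunks, so any later fix (a `req.session` guard, a changed status code) must be made four times; since every class extends SSOBase, one helper there taking `req`, `res`, `next` and `user` and running the regenerate / `req.login` / `setTokenOrCookies(res, user, true, req, true, true)` sequence would reduce each callback to a single call. As in the passport hunk, a missing `req.session` throws before the callback and surfaces through the visible `catch (error)` as a 401 carrying the raw error rather than the intended 500, so the helper is also the natural place for that guard. Regeneration drops whatever the pre-login session held, so confirm these SSO flows do not depend on session fields written earlier in the same login; the start of each callback is outside the hunk, and whether `this` is bound there (arrow callback) needs checking before the helper is called as a method.

```typescript
// In SSOBase (placement constructed for illustration — confirm the class's imports and modifiers)
protected loginWithFreshSession(req: Request, res: Response, next: NextFunction | undefined, user: Express.User) {
    if (!req.session) {
        return next ? next(new Error('Session unavailable')) : res.status(500).json({ message: 'Session unavailable' })
    }
    req.session.regenerate((regenerateErr) => {
        if (regenerateErr) {
            return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
        }
        req.login(user, { session: true }, async (error) => {
            if (error) return next ? next(error) : res.status(401).json(error)
            return setTokenOrCookies(res, user, true, req, true, true)
        })
    })
}
// … unchanged: each SSO callback then becomes a single this.loginWithFreshSession(req, res, next, user) call …
```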
@@ -81,9 +81,16 @@ class GithubSSO extends SSOBase {
 }
 return next ? next(err) : res.status(401).json(err)
 }
- req.login(user, { session: true }, async (error) => {
- if (error) return next ? next(error) : res.status(401).json(error)
- return setTokenOrCookies(res, user, true, req, true, true)
+
+ req.session.regenerate((regenerateErr) => {
+ if (regenerateErr) {
+ return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
+ }
+
+ req.login(user, { session: true }, async (error) => {
+ if (error) return next ? next(error) : res.status(401).json(error)
+ return setTokenOrCookies(res, user, true, req, true, true)
+ })
 })
 } catch (error) {
 return next ? next(error) : res.status(401).json(error)
diff --git a/packages/server/src/enterprise/sso/GoogleSSO.ts b/packages/server/src/enterprise/sso/GoogleSSO.ts
index 8dd97cf09..a4e3ae8ab 100644
--- a/packages/server/src/enterprise/sso/GoogleSSO.ts
+++ b/packages/server/src/enterprise/sso/GoogleSSO.ts
@@ -97,9 +97,16 @@ class GoogleSSO extends SSOBase {
 }
 return next ? next(err) : res.status(401).json(err)
 }
- req.login(user, { session: true }, async (error) => {
- if (error) return next ? next(error) : res.status(401).json(error)
- return setTokenOrCookies(res, user, true, req, true, true)
+
+ req.session.regenerate((regenerateErr) => {
+ if (regenerateErr) {
+ return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
+ }
+
+ req.login(user, { session: true }, async (error) => {
+ if (error) return next ? next(error) : res.status(401).json(error)
+ return setTokenOrCookies(res, user, true, req, true, true)
+ })
 })
 } catch (error) {
 return next ? next(error) : res.status(401).json(error)