Chore/add session regeneration when login (#4912)

Add session regeneration on login
Henry Heng 2025-07-21 14:19:51 +01:00 committed by GitHub
parent efc9ac222f
commit e8c36b6894
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 51 additions and 16 deletions


@ -259,11 +259,18 @@ export const initializeJwtCookieMiddleware = async (app: express.Application, id
if (identityManager.isEnterprise() && !identityManager.isLicenseValid()) {
return res.status(401).json({ redirectUrl: '/license-expired' })
}
req.login(user, { session: true }, async (error) => {
if (error) {
return next ? next(error) : res.status(401).json(error)
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
return setTokenOrCookies(res, user, true, req)
req.login(user, { session: true }, async (error) => {
if (error) {
return next ? next(error) : res.status(401).json(error)
}
return setTokenOrCookies(res, user, true, req)
})
})
} catch (error: any) {
return next ? next(error) : res.status(401).json(error)
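Review bot: Errors raised inside the new `req.session.regenerate` callback, or a rejection from the `async` callback passed to `req.login`, will not reach the `catch (error: any)` that closes this hunk, because both callbacks run after the surrounding `try` has already been left. `setTokenOrCookies` is not visible here, so whether it can throw is an assumption, but if it can, a failed login ends in an unhandled rejection instead of a 401/500 response. I would wrap the body of the inner callback in its own `try`/`catch` that forwards to `next ? next(e) : res.status(500).json({ message: 'Login failed' })`. The same callback nesting appears in the Auth0SSO, AzureSSO, GithubSSO and GoogleSSO sections, and the enclosing function starts and ends outside this hunk.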


@ -92,9 +92,16 @@ class Auth0SSO extends SSOBase {
}
return next ? next(err) : res.status(401).json(err)
}
req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true)
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true)
})
})
} catch (error) {
return next ? next(error) : res.status(401).json(error)
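Review bot: The regenerate-then-login block added here is repeated line for line in the AzureSSO, GithubSSO and GoogleSSO sections below, and with a shorter `setTokenOrCookies` call in the JWT cookie middleware, so any later change to the session handling has to be made in five places. Since all four provider classes extend `SSOBase`, one protected helper there would keep the ordering (fresh session id first, then `req.login`) in a single place. The sketch below assumes the callback runs where `this` is the SSO instance and that express's `Request`, `Response` and `NextFunction` types are in scope in that file. Both need confirming, because the surrounding method is outside the hunk.

```typescript
// in SSOBase: shared by the Auth0, Azure, GitHub and Google callbacks
protected loginWithFreshSession(
    req: Request,
    res: Response,
    next: NextFunction | undefined,
    user: Express.User,
    onLoggedIn: () => unknown
) {
    // Issue a new session id before the user is attached, so a pre-login id is never promoted.
    req.session.regenerate((regenerateErr) => {
        if (regenerateErr) {
            return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
        }
        req.login(user, { session: true }, (error) => {
            if (error) return next ? next(error) : res.status(401).json(error)
            return onLoggedIn()
        })
    })
}

// call site in each provider callback
this.loginWithFreshSession(req, res, next, user, () => setTokenOrCookies(res, user, true, req, true, true))
```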


@ -48,9 +48,16 @@ class AzureSSO extends SSOBase {
}
return next ? next(err) : res.status(401).json(err)
}
req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true)
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true)
})
})
} catch (error) {
return next ? next(error) : res.status(401).json(error)
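Review bot: On the `req.login` failure path, `res.status(401).json(error)` serializes the raw error object to the client whenever `next` is absent, while the regeneration branch added just above it returns a fixed message. Any enumerable fields on that error (the page does not show what passport or the session store attaches) would be exposed to an unauthenticated caller. I would make the two branches consistent with `if (error) return next ? next(error) : res.status(401).json({ message: 'Login failed' })` and log the original error server-side, after confirming that no client depends on the current body. The same line appears in the other three SSO sections and in the JWT cookie middleware.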


@ -81,9 +81,16 @@ class GithubSSO extends SSOBase {
}
return next ? next(err) : res.status(401).json(err)
}
req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true)
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true)
})
})
} catch (error) {
return next ? next(error) : res.status(401).json(error)


@ -97,9 +97,16 @@ class GoogleSSO extends SSOBase {
}
return next ? next(err) : res.status(401).json(err)
}
req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true)
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true)
})
})
} catch (error) {
return next ? next(error) : res.status(401).json(error)