Chore/add session regeneration when login (#4912)

Add session regeneration on login
Henry Heng 2025-07-21 14:19:51 +01:00 committed by GitHub
parent efc9ac222f
commit e8c36b6894
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 51 additions and 16 deletions


@ -259,12 +259,19 @@ export const initializeJwtCookieMiddleware = async (app: express.Application, id
if (identityManager.isEnterprise() && !identityManager.isLicenseValid()) { if (identityManager.isEnterprise() && !identityManager.isLicenseValid()) {
return res.status(401).json({ redirectUrl: '/license-expired' }) return res.status(401).json({ redirectUrl: '/license-expired' })
} }
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => { req.login(user, { session: true }, async (error) => {
if (error) { if (error) {
return next ? next(error) : res.status(401).json(error) return next ? next(error) : res.status(401).json(error)
} }
return setTokenOrCookies(res, user, true, req) return setTokenOrCookies(res, user, true, req)
}) })
})
} catch (error: any) { } catch (error: any) {
return next ? next(error) : res.status(401).json(error) return next ? next(error) : res.status(401).json(error)
} }
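Review bot: The `req.login(...)` call now runs inside the `req.session.regenerate` callback, so the surrounding `try`/`catch` (whose `catch (error: any)` closes this hunk) no longer covers it. The callback fires after the `try` block has exited, so a synchronous throw from `req.login` or from the callback body would surface as an uncaught exception instead of taking the `next(error)` / 401 path it took before this change. Consider guarding inside the callback by wrapping the `req.login(...)` call in its own `try { ... } catch (e) { return next ? next(e) : res.status(401).json(e) }`. The same nesting is added in the Auth0SSO, AzureSSO, GithubSSO and GoogleSSO hunks. The enclosing handler starts above the hunk, so any outer error handling is not visible here.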


@ -92,10 +92,17 @@ class Auth0SSO extends SSOBase {
} }
return next ? next(err) : res.status(401).json(err) return next ? next(err) : res.status(401).json(err)
} }
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => { req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error) if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true) return setTokenOrCookies(res, user, true, req, true, true)
}) })
})
} catch (error) { } catch (error) {
return next ? next(error) : res.status(401).json(error) return next ? next(error) : res.status(401).json(error)
} }
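Review bot: The regenerate-then-login block added here is repeated line for line in the AzureSSO, GithubSSO and GoogleSSO hunks, and in near-identical form in `initializeJwtCookieMiddleware`. Because this is a session-fixation control, a copy that drifts (for example a future provider class that calls `req.login` directly) silently loses the protection. Since all four provider classes extend `SSOBase`, the block could live in one `protected` method there that takes `(req, res, next, user)`, with each provider callback reduced to a single call. `SSOBase` is not part of this diff, so whether it already has a suitable home for this is not visible.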


@ -48,10 +48,17 @@ class AzureSSO extends SSOBase {
} }
return next ? next(err) : res.status(401).json(err) return next ? next(err) : res.status(401).json(err)
} }
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => { req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error) if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true) return setTokenOrCookies(res, user, true, req, true, true)
}) })
})
} catch (error) { } catch (error) {
return next ? next(error) : res.status(401).json(error) return next ? next(error) : res.status(401).json(error)
} }
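Review bot: The added `req.session.regenerate(...)` call carries no comment saying why it is there, in this hunk or the other four, so a later cleanup could drop it as redundant. A line above it such as `// Issue a fresh session ID before login so a pre-authentication session ID cannot be carried into the authenticated session (session fixation)` would record the intent. That comment should also note that `regenerate` discards everything stored in the pre-login session, so any value the provider flow still needs must be read before this point; whether this flow stores such values is not visible in the hunk. If the project's Passport version is 0.6.0 or later, `req.login` already regenerates the session itself, so the comment should state whether the explicit call is deliberate defence in depth.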


@ -81,10 +81,17 @@ class GithubSSO extends SSOBase {
} }
return next ? next(err) : res.status(401).json(err) return next ? next(err) : res.status(401).json(err)
} }
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => { req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error) if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true) return setTokenOrCookies(res, user, true, req, true, true)
}) })
})
} catch (error) { } catch (error) {
return next ? next(error) : res.status(401).json(error) return next ? next(error) : res.status(401).json(error)
} }


@ -97,10 +97,17 @@ class GoogleSSO extends SSOBase {
} }
return next ? next(err) : res.status(401).json(err) return next ? next(err) : res.status(401).json(err)
} }
req.session.regenerate((regenerateErr) => {
if (regenerateErr) {
return next ? next(regenerateErr) : res.status(500).json({ message: 'Session regeneration failed' })
}
req.login(user, { session: true }, async (error) => { req.login(user, { session: true }, async (error) => {
if (error) return next ? next(error) : res.status(401).json(error) if (error) return next ? next(error) : res.status(401).json(error)
return setTokenOrCookies(res, user, true, req, true, true) return setTokenOrCookies(res, user, true, req, true, true)
}) })
})
} catch (error) { } catch (error) {
return next ? next(error) : res.status(401).json(error) return next ? next(error) : res.status(401).json(error)
} }