From e06bf4bd858df90875457e5421db46aa15298b69 Mon Sep 17 00:00:00 2001 From: peintnermax Date: Mon, 18 Mar 2024 16:30:44 +0100 Subject: [PATCH] extend cookie --- apps/login/app/api/session/route.ts | 4 +--- apps/login/lib/zitadel.ts | 18 +++++++++++++++-- apps/login/utils/cookies.ts | 31 +++++++++++++++++++++++++---- apps/login/utils/session.ts | 20 ++++++++++++------- 4 files changed, 57 insertions(+), 16 deletions(-) diff --git a/apps/login/app/api/session/route.ts b/apps/login/app/api/session/route.ts index 3f41dc96b25..6c227ec18c1 100644 --- a/apps/login/app/api/session/route.ts +++ b/apps/login/app/api/session/route.ts @@ -64,9 +64,7 @@ export async function PUT(request: NextRequest) { .then((recent) => { console.log("setsession", webAuthN); return setSessionAndUpdateCookie( - recent.id, - recent.token, - recent.loginName, + recent, password, webAuthN, challenges, diff --git a/apps/login/lib/zitadel.ts b/apps/login/lib/zitadel.ts index 4fcea77c020..28d15ac6d7a 100644 --- a/apps/login/lib/zitadel.ts +++ b/apps/login/lib/zitadel.ts @@ -115,12 +115,22 @@ export async function createSession( { checks: { user: { loginName }, password: { password } }, challenges, + lifetime: { + seconds: 300, + nanos: 0, + }, }, {} ) : sessionService.createSession( - { checks: { user: { loginName } }, challenges }, - + { + checks: { user: { loginName } }, + challenges, + lifetime: { + seconds: 300, + nanos: 0, + }, + }, {} ); } @@ -137,6 +147,10 @@ export async function createSessionForUserIdAndIdpIntent( return sessionService.createSession( { checks: { user: { userId }, idpIntent }, + lifetime: { + seconds: 300, + nanos: 0, + }, }, {} ); diff --git a/apps/login/utils/cookies.ts b/apps/login/utils/cookies.ts index ba5d3a45920..a1a0f6cd8bf 100644 --- a/apps/login/utils/cookies.ts +++ b/apps/login/utils/cookies.ts 
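Review bot: The five-minute lifetime `{ seconds: 300, nanos: 0 }` is pasted into both createSession branches here and a third time in createSessionForUserIdAndIdpIntent, with no record of why 300 seconds was chosen. Hoist it into one module-level constant, e.g. `const LOGIN_SESSION_LIFETIME = { seconds: 300, nanos: 0 }; // max time a login flow may take before the Zitadel session expires`, and pass `lifetime: LOGIN_SESSION_LIFETIME` in all three requests so the values cannot drift apart. The lifetime is only set on creation in this patch; if a later setSession call is meant to extend it, that call would need its own lifetime argument, which is not added here. createSession's body begins before this hunk.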
@@ -6,6 +6,8 @@ export type SessionCookie = { id: string; token: string; loginName: string; + creationDate: string; + expirationDate: string; changeDate: string; authRequestId?: string; // if its linked to an OIDC flow }; @@ -135,25 +137,46 @@ export async function getSessionCookieByLoginName( } } -export async function getAllSessionCookieIds(): Promise { +/** + * + * @param cleanup when true, removes all expired sessions, default true + * @returns Session Cookies + */ +export async function getAllSessionCookieIds( + cleanup: boolean = true +): Promise { const cookiesList = cookies(); const stringifiedCookie = cookiesList.get("sessions"); if (stringifiedCookie?.value) { const sessions: SessionCookie[] = JSON.parse(stringifiedCookie?.value); - return sessions.map((session) => session.id); + + return sessions + .filter((session) => + cleanup ? new Date(session.expirationDate) > new Date() : true + ) + .map((session) => session.id); } else { return []; } } -export async function getAllSessions(): Promise { +/** + * + * @param cleanup when true, removes all expired sessions, default true + * @returns Session Cookies + */ +export async function getAllSessions( + cleanup: boolean = true +): Promise { const cookiesList = cookies(); const stringifiedCookie = cookiesList.get("sessions"); if (stringifiedCookie?.value) { const sessions: SessionCookie[] = JSON.parse(stringifiedCookie?.value); - return sessions; + return sessions.filter((session) => + cleanup ? new Date(session.expirationDate) > new Date() : true + ); } else { return []; } diff --git a/apps/login/utils/session.ts b/apps/login/utils/session.ts index 99aad8abc49..f351f1f4ada 100644 --- a/apps/login/utils/session.ts +++ b/apps/login/utils/session.ts 
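Review bot: `creationDate` and `expirationDate` are added as required `string` fields, but "sessions" cookies issued before this deploy carry neither, so the objects coming out of `JSON.parse` in getAllSessions will not match the declared type and `session.expirationDate` will be `undefined` at runtime. Declare them optional, `expirationDate?: string;`, so every reader is forced to handle the legacy case, or at least record it: `// absent on cookies written before session lifetimes were introduced`. A note on the format would also help, since the value is later fed to `new Date()`: `expirationDate: string; // as produced by Session.expirationDate.toString() in session.ts; parsed with new Date()`.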
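Review bot: The new filter `new Date(session.expirationDate) > new Date()` evaluates to `false` whenever `expirationDate` is missing or is the `""` fallback that session.ts writes when the server returns no expiry, because a comparison against an Invalid Date is NaN; those sessions are dropped silently, which may be intended but is nowhere stated. Make the choice explicit and share it between getAllSessionCookieIds and getAllSessions instead of duplicating the lambda, e.g. `const exp = Date.parse(session.expirationDate); return !cleanup || (!Number.isNaN(exp) && exp > Date.now()); // unparsable/missing expiry counts as expired`. The docstring's "removes all expired sessions" also overstates the effect: only the returned array is filtered and the cookie is never rewritten, so `@param cleanup when true, omits expired sessions from the result (the cookie itself is not rewritten)`. Finally, `expirationDate` appears to come from an unsigned, client-editable cookie (it is `JSON.parse`d straight from the request), so this is a UX filter rather than an authorization check and deserves a line such as `// client-controlled value: the Zitadel session must still be validated server-side`.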
@@ -35,6 +35,8 @@ export async function createSessionAndUpdateCookie( const sessionCookie: SessionCookie = { id: createdSession.sessionId, token: createdSession.sessionToken, + creationDate: response.session.creationDate?.toString() ?? "", + expirationDate: (response.session.expirationDate ?? "")?.toString(), changeDate: response.session.changeDate?.toString() ?? "", loginName: response.session?.factors?.user?.loginName ?? "", }; @@ -79,6 +81,8 @@ export async function createSessionForIdpAndUpdateCookie( const sessionCookie: SessionCookie = { id: createdSession.sessionId, token: createdSession.sessionToken, + creationDate: response.session.creationDate?.toString() ?? "", + expirationDate: (response.session.expirationDate ?? "")?.toString(), changeDate: response.session.changeDate?.toString() ?? "", loginName: response.session?.factors?.user?.loginName ?? "", }; @@ -104,9 +108,7 @@ export type SessionWithChallenges = Session & { }; export async function setSessionAndUpdateCookie( - sessionId: string, - sessionToken: string, - loginName: string, + recentCookie: SessionCookie, password: string | undefined, webAuthN: { credentialAssertionData: any } | undefined, challenges: RequestChallenges | undefined, @@ -114,18 +116,20 @@ export async function setSessionAndUpdateCookie( ): Promise { return setSession( server, - sessionId, - sessionToken, + recentCookie.id, + recentCookie.token, password, webAuthN, challenges ).then((updatedSession) => { if (updatedSession) { const sessionCookie: SessionCookie = { - id: sessionId, + id: recentCookie.id, token: updatedSession.sessionToken, + creationDate: recentCookie.creationDate, + expirationDate: recentCookie.expirationDate, changeDate: updatedSession.details?.changeDate?.toString() ?? "", - loginName: loginName, + loginName: recentCookie.loginName, }; if (authRequestId) { 
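Review bot: `expirationDate: (response.session.expirationDate ?? "")?.toString()` applies an optional call to a value that can no longer be nullish and reads differently from the `creationDate` line directly above it; write both the same way, `expirationDate: response.session.expirationDate?.toString() ?? "",`. Separately, if `expirationDate` is a protobuf Timestamp message rather than a `Date` (nothing here converts it), `toString()` may not produce a date string that `new Date()` in cookies.ts can parse, in which case every session would be treated as expired by the new cleanup filter; if that is the type, convert explicitly (e.g. `.toDate().toISOString()`) and document the expected format on the cookie field. The same two expressions recur in createSessionForIdpAndUpdateCookie and should be fixed together. createSessionAndUpdateCookie's body begins before this hunk.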
@@ -144,6 +148,8 @@ export async function setSessionAndUpdateCookie( const newCookie: SessionCookie = { id: sessionCookie.id, token: updatedSession.sessionToken, + creationDate: sessionCookie.creationDate, + expirationDate: sessionCookie.expirationDate, changeDate: session.changeDate?.toString() ?? "", loginName: session.factors?.user?.loginName ?? "", };
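Review bot: This branch has the freshly loaded `session` in hand (it already reads `session.changeDate` and `session.factors`), yet `creationDate` and `expirationDate` are copied from `sessionCookie`, i.e. the pre-update cookie, so the stored expiry never tracks the server's current value and any server-side lifetime extension would make the new cleanup filter in cookies.ts drop a still-valid session. Prefer the server's values with the cookie as fallback: `creationDate: session.creationDate?.toString() ?? sessionCookie.creationDate,` and `expirationDate: session.expirationDate?.toString() ?? sessionCookie.expirationDate,` - assuming `session` is the same type whose `expirationDate` createSessionAndUpdateCookie reads, which the shared field names suggest but this hunk does not prove. setSessionAndUpdateCookie starts well before this hunk.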