
fix(auth): O(n) session lookup -> direct DB query, init passwordHistory empty

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
npmrun 3 weeks ago
parent
commit
ca192ced94
  1. 19
      server/service/auth/index.ts

19
server/service/auth/index.ts

@ -47,7 +47,7 @@ export class AuthService {
password: passwordHash, password: passwordHash,
role: "user", role: "user",
status: "active", status: "active",
passwordHistory: JSON.stringify([passwordHash]), passwordHistory: "[]",
}) })
.returning(); .returning();
@ -95,23 +95,18 @@ export class AuthService {
refreshToken: string refreshToken: string
): Promise<{ accessToken: string; newRefreshToken: string }> { ): Promise<{ accessToken: string; newRefreshToken: string }> {
// 查找有效 session // 查找有效 session
const sessions = await dbGlobal const [session] = await dbGlobal
.select() .select()
.from(userSessions) .from(userSessions)
.where(isNull(userSessions.revokedAt)); .where(eq(userSessions.id, refreshToken))
.limit(1);
let matchedSession: (typeof sessions)[0] | null = null;
for (const s of sessions) {
if (s.id === refreshToken && s.expiresAt > new Date()) {
matchedSession = s;
break;
}
}
if (!matchedSession) { if (!session || session.revokedAt !== null || session.expiresAt <= new Date()) {
throw { code: "SESSION_REVOKED", message: "Session 已失效" }; throw { code: "SESSION_REVOKED", message: "Session 已失效" };
} }
const matchedSession = session;
const [user] = await dbGlobal const [user] = await dbGlobal
.select() .select()
.from(users) .from(users)
