From 8214e7b88ba489b14cc2b055c1eff149033621e7 Mon Sep 17 00:00:00 2001
From: webplusai
Date: Sun, 22 Dec 2024 20:15:27 +0000
Subject: [PATCH] #8833 fix issue with multiple user sessions
---
 .../multiwikiserver/auth/authentication.js | 2 +-
 .../multiwikiserver/modules/mws-server.js | 1 +
 .../modules/store/sql-tiddler-database.js | 16 +++++++++++++++-
 3 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/plugins/tiddlywiki/multiwikiserver/auth/authentication.js b/plugins/tiddlywiki/multiwikiserver/auth/authentication.js
index 2c3a169877d..0658c93beb0 100644
--- a/plugins/tiddlywiki/multiwikiserver/auth/authentication.js
+++ b/plugins/tiddlywiki/multiwikiserver/auth/authentication.js
@@ -34,7 +34,7 @@ Authenticator.prototype.hashPassword = function(password) {
 Authenticator.prototype.createSession = function(userId) {
 var sessionId = crypto.randomBytes(16).toString("hex");
 // Store the session in your database or in-memory store
- this.sqlTiddlerDatabase.createOrUpdateUserSession(userId, sessionId);
+ this.sqlTiddlerDatabase.createUserSession(userId, sessionId);
 return sessionId;
 };
diff --git a/plugins/tiddlywiki/multiwikiserver/modules/mws-server.js b/plugins/tiddlywiki/multiwikiserver/modules/mws-server.js
index be46a53d2d3..800f892acfc 100644
--- a/plugins/tiddlywiki/multiwikiserver/modules/mws-server.js
+++ b/plugins/tiddlywiki/multiwikiserver/modules/mws-server.js
@@ -397,6 +397,7 @@ Server.prototype.authenticateUser = function(request, response) {
 delete user.password;
 const userRole = this.sqlTiddlerDatabase.getUserRoles(user.user_id);
 user['isAdmin'] = userRole?.role_name?.toLowerCase() === 'admin'
+ user['sessionId'] = session_id
 return user
 };
diff --git a/plugins/tiddlywiki/multiwikiserver/modules/store/sql-tiddler-database.js b/plugins/tiddlywiki/multiwikiserver/modules/store/sql-tiddler-database.js
index df68b08df57..bebc7e34957 100644
--- a/plugins/tiddlywiki/multiwikiserver/modules/store/sql-tiddler-database.js
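Review bot: In `Authenticator.prototype.createSession` (authentication.js), switching to `createUserSession` means a new login no longer replaces the user's previous session, so older session ids stay valid until something else deletes them. Nothing in this patch shows a path that removes a user's other sessions on password change or account disablement, nor a cap or expiry sweep for the rows that the insert-only `createUserSession` in sql-tiddler-database.js now accumulates; such handling may exist outside the diff. At minimum the existing comment should record the new behaviour, e.g. `// Adds a new session row; earlier sessions for this user remain valid until they are deleted or expire`.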
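Review bot: `user['sessionId'] = session_id` in `Server.prototype.authenticateUser` (mws-server.js) puts the bearer session token on the same object from which `delete user.password` has just stripped a secret. The callers are outside the hunk, but if this object is ever serialised into a response, rendered into a page or written to a log, the token goes with it, which would undo any HttpOnly protection on the cookie. Consider keeping the id off the user record, for example by storing it on request state, or add `// sessionId is a credential: strip before serialising or logging this object` above the assignment. The function starts before the hunk, so where `session_id` is defined is not visible here.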
+++ b/plugins/tiddlywiki/multiwikiserver/modules/store/sql-tiddler-database.js
@@ -64,7 +64,7 @@ SqlTiddlerDatabase.prototype.createTables = function() {
 session_id TEXT NOT NULL,
 created_at TEXT NOT NULL,
 last_accessed TEXT NOT NULL,
- PRIMARY KEY (user_id),
+ PRIMARY KEY (session_id),
 FOREIGN KEY (user_id) REFERENCES users(user_id)
 )
 `,`
@@ -994,6 +994,20 @@ SqlTiddlerDatabase.prototype.createOrUpdateUserSession = function(userId, sessio
 return sessionId;
 };
+SqlTiddlerDatabase.prototype.createUserSession = function(userId, sessionId) {
+ const currentTimestamp = new Date().toISOString();
+ this.engine.runStatement(`
+ INSERT INTO sessions (user_id, session_id, created_at, last_accessed)
+ VALUES ($userId, $sessionId, $timestamp, $timestamp)
+ `, {
+ $userId: userId,
+ $sessionId: sessionId,
+ $timestamp: currentTimestamp
+ });
+
+ return sessionId;
+};
+
 SqlTiddlerDatabase.prototype.findUserBySessionId = function(sessionId) {
 // First, get the user_id from the sessions table
 const sessionResult = this.engine.runStatementGet(`
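Review bot: The `PRIMARY KEY (session_id)` change in `createTables` (sql-tiddler-database.js) only reaches databases whose `sessions` table is created after this commit. The statement header is outside the hunk, but if it is a `CREATE TABLE IF NOT EXISTS`, an existing table keeps `PRIMARY KEY (user_id)`, and the new plain `INSERT` in `createUserSession` would then fail with a constraint error on a user's second login. Upgrades need a migration that rebuilds or drops the `sessions` table. Since `user_id` is no longer the key, an index on `sessions(user_id)` is also worth adding if sessions are ever listed or deleted per user.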
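Review bot: `SqlTiddlerDatabase.prototype.createUserSession` is added without a header comment, and `createOrUpdateUserSession` is left in place directly above it. That function's body is outside the hunk, but its name suggests it updates by user, which no longer identifies a single row now that the key is `session_id`; if nothing calls it after this commit it should be removed rather than kept where a later caller could pick it up. For the new function, a comment such as `// Inserts a new row in sessions for userId; does not touch the user's existing sessions. Returns sessionId.` would record the changed contract.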