From e1bced8c2c2c552165708a2814971dcb32d7613c Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Mon, 11 Sep 2023 14:22:04 -0400 Subject: [PATCH] fix: move database call used to associate a NodeBB session UUID to its express session id into user.auth.addSession, which is the only time it is called --- src/controllers/authentication.js | 5 +---- src/user/auth.js | 7 +++++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js index 08515f1124..82eec9f566 100644 --- a/src/controllers/authentication.js +++ b/src/controllers/authentication.js @@ -379,15 +379,12 @@ authenticationController.onSuccessfulLogin = async function (req, uid) { new Promise((resolve) => { req.session.save(resolve); }), - user.auth.addSession(uid, req.sessionID), + user.auth.addSession(uid, req.sessionID, uuid), user.updateLastOnlineTime(uid), user.onUserOnline(uid, Date.now()), analytics.increment('logins'), db.incrObjectFieldBy('global', 'loginCount', 1), ]); - if (uid > 0) { - await db.setObjectField(`uid:${uid}:sessionUUID:sessionId`, uuid, req.sessionID); - } // Force session check for all connected socket.io clients with the same session id sockets.in(`sess_${req.sessionID}`).emit('checkSession', uid); diff --git a/src/user/auth.js b/src/user/auth.js index d8113547e6..5330903a15 100644 --- a/src/user/auth.js +++ b/src/user/auth.js @@ -106,12 +106,15 @@ module.exports = function (User) { await db.sortedSetRemove(`uid:${uid}:sessions`, expiredSids); } - User.auth.addSession = async function (uid, sessionId) { + User.auth.addSession = async function (uid, sessionId, uuid) { if (!(parseInt(uid, 10) > 0)) { return; } await cleanExpiredSessions(uid); - await db.sortedSetAdd(`uid:${uid}:sessions`, Date.now(), sessionId); + await Promise.all([ + db.sortedSetAdd(`uid:${uid}:sessions`, Date.now(), sessionId), + db.setObjectField(`uid:${uid}:sessionUUID:sessionId`, uuid, sessionId), + ]); await revokeSessionsAboveThreshold(uid, meta.config.maxUserSessions); };