@hed-hog/core 0.0.110 → 0.0.111
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/session/session.service.d.ts +8 -0
- package/dist/session/session.service.d.ts.map +1 -1
- package/dist/session/session.service.js +48 -1
- package/dist/session/session.service.js.map +1 -1
- package/hedhog/data/setting_group.yaml +11 -0
- package/package.json +1 -1
- package/src/session/session.service.ts +53 -1
|
@@ -65,5 +65,13 @@ export declare class SessionService {
|
|
|
65
65
|
ip_address: string;
|
|
66
66
|
user_agent: string;
|
|
67
67
|
}>;
|
|
68
|
+
/**
|
|
69
|
+
* Enforce maximum concurrent sessions limit for a user.
|
|
70
|
+
* If the limit is reached, expires the oldest sessions to make room for new ones.
|
|
71
|
+
*
|
|
72
|
+
* @param userId - The user ID to check
|
|
73
|
+
* @param maxSessions - Maximum number of concurrent sessions allowed
|
|
74
|
+
*/
|
|
75
|
+
private enforceSessionLimit;
|
|
68
76
|
}
|
|
69
77
|
//# sourceMappingURL=session.service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.service.d.ts","sourceRoot":"","sources":["../../src/session/session.service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAG5C,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAanD,qBACa,cAAc;IAGvB,OAAO,CAAC,MAAM;IAEd,OAAO,CAAC,QAAQ;IAEhB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAExB,OAAO,CAAC,QAAQ,CAAC,KAAK;IAEtB,OAAO,CAAC,QAAQ,CAAC,IAAI;IAErB,OAAO,CAAC,QAAQ,CAAC,IAAI;IAErB,OAAO,CAAC,QAAQ,CAAC,iBAAiB;gBAZ1B,MAAM,EAAE,aAAa,EAErB,QAAQ,EAAE,eAAe,EAEhB,OAAO,EAAE,cAAc,EAEvB,KAAK,EAAE,YAAY,EAEnB,IAAI,EAAE,WAAW,EAEjB,IAAI,EAAE,WAAW,EAEjB,iBAAiB,EAAE,iBAAiB;IAGjD,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"session.service.d.ts","sourceRoot":"","sources":["../../src/session/session.service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAG5C,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAanD,qBACa,cAAc;IAGvB,OAAO,CAAC,MAAM;IAEd,OAAO,CAAC,QAAQ;IAEhB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAExB,OAAO,CAAC,QAAQ,CAAC,KAAK;IAEtB,OAAO,CAAC,QAAQ,CAAC,IAAI;IAErB,OAAO,CAAC,QAAQ,CAAC,IAAI;IAErB,OAAO,CAAC,QAAQ,CAAC,iBAAiB;gBAZ1B,MAAM,EAAE,aAAa,EAErB,QAAQ,EAAE,eAAe,EAEhB,OAAO,EAAE,cAAc,EAEvB,KAAK,EAAE,YAAY,EAEnB,IAAI,EAAE,WAAW,EAEjB,IAAI,EAAE,WAAW,EAEjB,iBAAiB,EAAE,iBAAiB;IAGjD,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;;;;;;IAsC3E,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;;;;;;IAwBlF,wBAAwB,CAAC,GAAG,KAAA,EAAE,YAAY,EAAE,MAAM;IAclD,eAAe,CAAC,gBAAgB,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM;;;;;;;YAoCvD,YAAY;YAmBZ,mBAAmB;IAQ3B,sBAAsB,CAAC,MAAM,EAAE,MAAM;IAWrC,iBAAiB,CAAC,MAAM,EAAE,MAAM;IAIhC,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;;;IAazD;;;;;;OAMG;YACW,mBAAmB;CAsClC"}
|
|
@@ -44,10 +44,15 @@ let SessionService = class SessionService {
|
|
|
44
44
|
throw new common_1.BadRequestException((0, api_locale_1.getLocaleText)('session.userAgentRequired', locale, 'User agent is required to create a session.'));
|
|
45
45
|
}
|
|
46
46
|
const settings = await this.setting.getSettingValues([
|
|
47
|
-
'refresh-token-expiration-minutes'
|
|
47
|
+
'refresh-token-expiration-minutes',
|
|
48
|
+
'max-concurrent-sessions'
|
|
48
49
|
]);
|
|
49
50
|
const token = await this.token.createOpaqueToken();
|
|
50
51
|
const hash = this.security.hashWithPepper(token);
|
|
52
|
+
const maxSessions = Number(settings['max-concurrent-sessions']) || 0;
|
|
53
|
+
if (maxSessions > 0) {
|
|
54
|
+
await this.enforceSessionLimit(userId, maxSessions);
|
|
55
|
+
}
|
|
51
56
|
const session = await this.prisma.user_session.create({
|
|
52
57
|
data: {
|
|
53
58
|
user_id: userId,
|
|
@@ -175,6 +180,48 @@ let SessionService = class SessionService {
|
|
|
175
180
|
}
|
|
176
181
|
});
|
|
177
182
|
}
|
|
183
|
+
/**
|
|
184
|
+
* Enforce maximum concurrent sessions limit for a user.
|
|
185
|
+
* If the limit is reached, expires the oldest sessions to make room for new ones.
|
|
186
|
+
*
|
|
187
|
+
* @param userId - The user ID to check
|
|
188
|
+
* @param maxSessions - Maximum number of concurrent sessions allowed
|
|
189
|
+
*/
|
|
190
|
+
async enforceSessionLimit(userId, maxSessions) {
|
|
191
|
+
// Count active sessions for this user
|
|
192
|
+
const activeSessions = await this.prisma.user_session.findMany({
|
|
193
|
+
where: {
|
|
194
|
+
user_id: userId,
|
|
195
|
+
revoked_at: null,
|
|
196
|
+
expires_at: {
|
|
197
|
+
gt: new Date()
|
|
198
|
+
}
|
|
199
|
+
},
|
|
200
|
+
orderBy: {
|
|
201
|
+
created_at: 'asc'
|
|
202
|
+
},
|
|
203
|
+
select: {
|
|
204
|
+
id: true
|
|
205
|
+
}
|
|
206
|
+
});
|
|
207
|
+
// If we're at or over the limit, expire the oldest sessions
|
|
208
|
+
const sessionsToExpire = activeSessions.length - maxSessions + 1;
|
|
209
|
+
if (sessionsToExpire > 0) {
|
|
210
|
+
const sessionIdsToExpire = activeSessions
|
|
211
|
+
.slice(0, sessionsToExpire)
|
|
212
|
+
.map(s => s.id);
|
|
213
|
+
await this.prisma.user_session.updateMany({
|
|
214
|
+
where: {
|
|
215
|
+
id: {
|
|
216
|
+
in: sessionIdsToExpire
|
|
217
|
+
}
|
|
218
|
+
},
|
|
219
|
+
data: {
|
|
220
|
+
expires_at: new Date() // Expire immediately
|
|
221
|
+
}
|
|
222
|
+
});
|
|
223
|
+
}
|
|
224
|
+
}
|
|
178
225
|
};
|
|
179
226
|
exports.SessionService = SessionService;
|
|
180
227
|
exports.SessionService = SessionService = __decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.service.js","sourceRoot":"","sources":["../../src/session/session.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,oDAAoD;AACpD,4DAA2E;AAC3E,oDAAoD;AACpD,yCAA4C;AAC5C,2CAAgH;AAChH,+BAAsC;AACtC,mEAA+D;AAC/D,gEAA4D;AAC5D,0DAAsD;AACtD,uDAAmD;AAc5C,IAAM,cAAc,GAApB,MAAM,cAAc;IAEzB,YACU,MAAqB,EAErB,QAAyB,EAEhB,OAAuB,EAEvB,KAAmB,EAEnB,IAAiB,EAEjB,IAAiB,EAEjB,iBAAoC;QAZ7C,WAAM,GAAN,MAAM,CAAe;QAErB,aAAQ,GAAR,QAAQ,CAAiB;QAEhB,YAAO,GAAP,OAAO,CAAgB;QAEvB,UAAK,GAAL,KAAK,CAAc;QAEnB,SAAI,GAAJ,IAAI,CAAa;QAEjB,SAAI,GAAJ,IAAI,CAAa;QAEjB,sBAAiB,GAAjB,iBAAiB,CAAmB;IACnD,CAAC;IAEL,KAAK,CAAC,MAAM,CAAC,MAAc,EAAE,MAAc,EAAE,SAAiB,EAAE,SAAiB;QAC/E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,4BAAmB,CAAC,IAAA,0BAAa,EAAC,wBAAwB,EAAE,MAAM,EAAE,0CAA0C,CAAC,CAAC,CAAC;QAC7H,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,4BAAmB,CAAC,IAAA,0BAAa,EAAC,2BAA2B,EAAE,MAAM,EAAE,6CAA6C,CAAC,CAAC,CAAC;QACnI,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,4BAAmB,CAAC,IAAA,0BAAa,EAAC,2BAA2B,EAAE,MAAM,EAAE,6CAA6C,CAAC,CAAC,CAAC;QACnI,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC;YACnD,kCAAkC;
|
|
1
|
+
{"version":3,"file":"session.service.js","sourceRoot":"","sources":["../../src/session/session.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,oDAAoD;AACpD,4DAA2E;AAC3E,oDAAoD;AACpD,yCAA4C;AAC5C,2CAAgH;AAChH,+BAAsC;AACtC,mEAA+D;AAC/D,gEAA4D;AAC5D,0DAAsD;AACtD,uDAAmD;AAc5C,IAAM,cAAc,GAApB,MAAM,cAAc;IAEzB,YACU,MAAqB,EAErB,QAAyB,EAEhB,OAAuB,EAEvB,KAAmB,EAEnB,IAAiB,EAEjB,IAAiB,EAEjB,iBAAoC;QAZ7C,WAAM,GAAN,MAAM,CAAe;QAErB,aAAQ,GAAR,QAAQ,CAAiB;QAEhB,YAAO,GAAP,OAAO,CAAgB;QAEvB,UAAK,GAAL,KAAK,CAAc;QAEnB,SAAI,GAAJ,IAAI,CAAa;QAEjB,SAAI,GAAJ,IAAI,CAAa;QAEjB,sBAAiB,GAAjB,iBAAiB,CAAmB;IACnD,CAAC;IAEL,KAAK,CAAC,MAAM,CAAC,MAAc,EAAE,MAAc,EAAE,SAAiB,EAAE,SAAiB;QAC/E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,4BAAmB,CAAC,IAAA,0BAAa,EAAC,wBAAwB,EAAE,MAAM,EAAE,0CAA0C,CAAC,CAAC,CAAC;QAC7H,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,4BAAmB,CAAC,IAAA,0BAAa,EAAC,2BAA2B,EAAE,MAAM,EAAE,6CAA6C,CAAC,CAAC,CAAC;QACnI,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,4BAAmB,CAAC,IAAA,0BAAa,EAAC,2BAA2B,EAAE,MAAM,EAAE,6CAA6C,CAAC,CAAC,CAAC;QACnI,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC;YACnD,kCAAkC;YAClC,yBAAyB;SAC1B,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,EAAE,CAAC;QACnD,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,KAAK,CAAC,CAAA;QAChD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC,IAAI,CAAC,CAAC;QAErE,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;YACpB,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QACtD,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC;YACpD,IAAI,EAAE;gBACJ,OAAO,EAAE,MAAM;gBACf,UAAU,EAAE,SAAS;gBACrB,UAAU,EAAE,SAAS;gBACrB,UAAU,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,QAAQ,CAAC,kCAAkC,CAAC,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;gBACxG,IAAI;aACL;SACF,CAAC,CAAC;QAEH,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IAC5B,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,MAAc,EAAE,YAAoB,EAAE,SAAiB,EAAE,SAAiB;QACtF,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;QACxD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC;YACvD,KAAK,EAAE;gBACL,IAAI;gBACJ,UAAU,EAAE,IAAI;aACjB;YACD,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;SACpC,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,4BAAmB,CAAC,IAAA,0BAAa,EAAC,cAAc,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAC,CAAC;QACzF,CAAC;QAED,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC;YACpC,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE;YACzB,IAAI,EAAE;gBACJ,UAAU,EAAE,IAAI,IAAI,EAAE;aACvB;SACF,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;IACpE,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,GAAG,EAAE,YAAoB;QACtD,MAAM,IAAI,CAAC,KAAK,CAAC,wBAAwB,CAAC,GAAG,CAAC,CAAC;QAC/C,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC;YACzC,KAAK,EAAE;gBACL,UAAU,EAAE,IAAI;gBAChB,IAAI;aACL;YACD,IAAI,EAAE;gBACJ,UAAU,EAAE,IAAI,IAAI,EAAE;aACvB;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,gBAA+B,EAAE,MAAc;;QACnE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,kCACrF,gBAAgB,KACnB,KAAK,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,IAC1B,CAAC;YAEH,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,GAAG,CACzC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;gBAC5B,MAAM,EAAE,GAAG,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,EAAE,IAAI,IAAI,CAAC;gBACxC,IAAI,QAAQ,GAAuB,IAAI,CAAC;gBACxC,IAAI,EAAE,IAAI,EAAE,KAAK,WAAW,IAAI,EAAE,KAAK,KAAK,EAAE,CAAC;oBAC7C,IAAI,CAAC;wBACH,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;oBACzC,CAAC;oBAAC,WAAM,CAAC;wBACP,QAAQ,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;oBAC/B,CAAC;gBACH,CAAC;qBAAM,IAAI,EAAE,EAAE,CAAC;oBACd,QAAQ,GAAG,EAAE,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;gBAC7E,CAAC;gBACD,uCAAY,CAAC,KAAE,QAAQ,IAAG;YAC5B,CAAC,CAAC,CACH,CAAC;YAEF,OAAO;gBACL,IAAI,EAAE,iBAAiB;gBACvB,KAAK,EAAE,QAAQ,CAAC,KAAK,IAAI,CAAC;gBAC1B,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC;gBACrE,IAAI,EAAE,MAAA,QAAQ,CAAC,IAAI,mCAAI,CAAC;gBACxB,QAAQ,EAAE,MAAA,MAAA,QAAQ,CAAC,QAAQ,mCAAI,gBAAgB,CAAC,QAAQ,mCAAI,EAAE;aAC/D,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,sBAAa,CAAC,mCAAmC,EAAE,mBAAU,CAAC,mBAAmB,CAAC,CAAC;QAC/F,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,EAAU;QACnC,MAAM,GAAG,GAAG,0BAA0B,kBAAkB,CAAC,EAAE,CAAC,4DAA4D,CAAC;QACzH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1D,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;QAC3B,IAAI,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,MAAK,SAAS,EAAE,CAAC;YAC7B,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QAC7B,CAAC;QACD,OAAO;YACH,EAAE;YACF,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,MAAM,EAAE,IAAI,CAAC,UAAU;YACvB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,GAAG,EAAE,IAAI;SACZ,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,MAAc,EAAE,MAA2B,EAAE,QAAgB;QAC7F,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC;YACzC,KAAK,kBAAI,OAAO,EAAE,MAAM,IAAK,MAAM,CAAE;YACrC,IAAI,EAAE,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE;SACjC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,MAAc;QACzC,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC;YAC7D,KAAK,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE;YAC1B,OAAO,EAAE,EAAE,UAAU,EAAE,MAAM,EAAE;YAC/B,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;SACrB,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,EAAE,CAAC;YAAC,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,CAAA;QAAC,CAAC;QAC3C,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,CAAC,EAAE,EAAE,EAAE,EAAE,wBAAwB,CAAC,CAAC;IACvG,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,MAAc;QACpC,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,EAAE,EAAE,mBAAmB,CAAC,CAAC;IACnE,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,MAAc,EAAE,SAAiB;QACvD,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,CAAA;QAC7D,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC;YACrC,KAAK,EAAE;gBACL,EAAE,EAAE,SAAS;gBACb,OAAO,EAAE,MAAM;aAChB;YACD,IAAI,EAAE;gBACJ,UAAU,EAAE,IAAI,IAAI,EAAE;aACvB;SACF,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;OAMG;IACK,KAAK,CAAC,mBAAmB,CAAC,MAAc,EAAE,WAAmB;QACnE,sCAAsC;QACtC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC;YAC7D,KAAK,EAAE;gBACL,OAAO,EAAE,MAAM;gBACf,UAAU,EAAE,IAAI;gBAChB,UAAU,EAAE;oBACV,EAAE,EAAE,IAAI,IAAI,EAAE;iBACf;aACF;YACD,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;aAClB;YACD,MAAM,EAAE;gBACN,EAAE,EAAE,IAAI;aACT;SACF,CAAC,CAAC;QAEH,4DAA4D;QAC5D,MAAM,gBAAgB,GAAG,cAAc,CAAC,MAAM,GAAG,WAAW,GAAG,CAAC,CAAC;QACjE,IAAI,gBAAgB,GAAG,CAAC,EAAE,CAAC;YACzB,MAAM,kBAAkB,GAAG,cAAc;iBACtC,KAAK,CAAC,CAAC,EAAE,gBAAgB,CAAC;iBAC1B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAElB,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC;gBACxC,KAAK,EAAE;oBACL,EAAE,EAAE;wBACF,EAAE,EAAE,kBAAkB;qBACvB;iBACF;gBACD,IAAI,EAAE;oBACJ,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,qBAAqB;iBAC7C;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;CAEF,CAAA;AAtOY,wCAAc;yBAAd,cAAc;IAD1B,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,kCAAe,CAAC,CAAC,CAAA;IAEzC,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,gCAAc,CAAC,CAAC,CAAA;IAExC,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,4BAAY,CAAC,CAAC,CAAA;IAEtC,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,mBAAW,CAAC,CAAC,CAAA;IAErC,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,0BAAW,CAAC,CAAC,CAAA;IAErC,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,kCAAiB,CAAC,CAAC,CAAA;qCAX5B,0BAAa;QAEX,kCAAe;QAEP,gCAAc;QAEhB,4BAAY;QAEb,mBAAW;QAEX,0BAAW;QAEE,kCAAiB;GAf5C,cAAc,CAsO1B"}
|
|
@@ -226,6 +226,17 @@
|
|
|
226
226
|
en: The length of the multifactor authentication email code
|
|
227
227
|
pt: O comprimento do código de email de autenticação multifatorial
|
|
228
228
|
value: 6
|
|
229
|
+
- slug: max-concurrent-sessions
|
|
230
|
+
type: number
|
|
231
|
+
component: input-number
|
|
232
|
+
name:
|
|
233
|
+
en: Max Concurrent Sessions
|
|
234
|
+
pt: Máximo de Sessões Simultâneas
|
|
235
|
+
description:
|
|
236
|
+
en: Maximum number of active sessions per user. Set to 0 for unlimited sessions. When limit is reached, oldest sessions will be expired automatically.
|
|
237
|
+
pt: Número máximo de sessões ativas por usuário. Defina como 0 para sessões ilimitadas. Quando o limite for atingido, as sessões mais antigas serão expiradas automaticamente.
|
|
238
|
+
value: 0
|
|
239
|
+
user_override: false
|
|
229
240
|
- slug: localization
|
|
230
241
|
icon: world
|
|
231
242
|
name:
|
package/package.json
CHANGED
|
@@ -53,10 +53,17 @@ export class SessionService {
|
|
|
53
53
|
}
|
|
54
54
|
|
|
55
55
|
const settings = await this.setting.getSettingValues([
|
|
56
|
-
'refresh-token-expiration-minutes'
|
|
56
|
+
'refresh-token-expiration-minutes',
|
|
57
|
+
'max-concurrent-sessions'
|
|
57
58
|
]);
|
|
58
59
|
const token = await this.token.createOpaqueToken();
|
|
59
60
|
const hash = this.security.hashWithPepper(token)
|
|
61
|
+
const maxSessions = Number(settings['max-concurrent-sessions']) || 0;
|
|
62
|
+
|
|
63
|
+
if (maxSessions > 0) {
|
|
64
|
+
await this.enforceSessionLimit(userId, maxSessions);
|
|
65
|
+
}
|
|
66
|
+
|
|
60
67
|
const session = await this.prisma.user_session.create({
|
|
61
68
|
data: {
|
|
62
69
|
user_id: userId,
|
|
@@ -199,4 +206,49 @@ export class SessionService {
|
|
|
199
206
|
})
|
|
200
207
|
}
|
|
201
208
|
|
|
209
|
+
/**
|
|
210
|
+
* Enforce maximum concurrent sessions limit for a user.
|
|
211
|
+
* If the limit is reached, expires the oldest sessions to make room for new ones.
|
|
212
|
+
*
|
|
213
|
+
* @param userId - The user ID to check
|
|
214
|
+
* @param maxSessions - Maximum number of concurrent sessions allowed
|
|
215
|
+
*/
|
|
216
|
+
private async enforceSessionLimit(userId: number, maxSessions: number): Promise<void> {
|
|
217
|
+
// Count active sessions for this user
|
|
218
|
+
const activeSessions = await this.prisma.user_session.findMany({
|
|
219
|
+
where: {
|
|
220
|
+
user_id: userId,
|
|
221
|
+
revoked_at: null,
|
|
222
|
+
expires_at: {
|
|
223
|
+
gt: new Date()
|
|
224
|
+
}
|
|
225
|
+
},
|
|
226
|
+
orderBy: {
|
|
227
|
+
created_at: 'asc'
|
|
228
|
+
},
|
|
229
|
+
select: {
|
|
230
|
+
id: true
|
|
231
|
+
}
|
|
232
|
+
});
|
|
233
|
+
|
|
234
|
+
// If we're at or over the limit, expire the oldest sessions
|
|
235
|
+
const sessionsToExpire = activeSessions.length - maxSessions + 1;
|
|
236
|
+
if (sessionsToExpire > 0) {
|
|
237
|
+
const sessionIdsToExpire = activeSessions
|
|
238
|
+
.slice(0, sessionsToExpire)
|
|
239
|
+
.map(s => s.id);
|
|
240
|
+
|
|
241
|
+
await this.prisma.user_session.updateMany({
|
|
242
|
+
where: {
|
|
243
|
+
id: {
|
|
244
|
+
in: sessionIdsToExpire
|
|
245
|
+
}
|
|
246
|
+
},
|
|
247
|
+
data: {
|
|
248
|
+
expires_at: new Date() // Expire immediately
|
|
249
|
+
}
|
|
250
|
+
});
|
|
251
|
+
}
|
|
252
|
+
}
|
|
253
|
+
|
|
202
254
|
}
|