npm - mbkauthe - Versions diffs - 1.0.17 → 1.0.19 - Mend

mbkauthe 1.0.17 → 1.0.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/index.js +2 -1
package/lib/main.js +18 -12
package/lib/validateSessionAndRole.js +1 -0
package/package.json +1 -1

package/index.js CHANGED Viewed

@@ -21,7 +21,8 @@ if (mbkautheVar.RECAPTCHA_Enabled === "true") {
     if (mbkautheVar.RECAPTCHA_SECRET_KEY === undefined) {
         throw new Error("mbkautheVar.RECAPTCHA_SECRET_KEY is required");
     }
-}
+}  console.log(mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined);
 if (mbkautheVar.COOKIE_EXPIRE_TIME !== undefined) {
     const expireTime = parseFloat(mbkautheVar.COOKIE_EXPIRE_TIME);
     if (isNaN(expireTime) || expireTime <= 0) {

package/lib/main.js CHANGED Viewed

@@ -64,6 +64,14 @@ const sessionConfig = {
   name: 'mbkauthe.sid'
 };
+router.use(async (req, res, next) => {
+  if (req.session && req.session.user) {
+    const cookieOptions = getCookieOptions();
+    res.cookie("username", req.session.user.username, { ...cookieOptions, httpOnly: false }); // Allow JavaScript access
+    res.cookie("sessionId", req.session.user.sessionId, cookieOptions); // Keep httpOnly for sensitive cookies
+  }
+  next();
+});
 router.use(session(sessionConfig));
 // Middleware to handle session restoration from sessionId cookie
@@ -79,12 +87,8 @@ router.use(async (req, res, next) => {
         req.session.user = {
           id: user.id,
           username: user.UserName,
-          UserName: user.UserName,
-          Role: user.Role,
-          role: user.Role,
           sessionId,
         };
-        console.log(`Session restored for user: ${user.UserName}`);
       }
     } catch (err) {
       console.error("Session restoration error:", err);
@@ -122,13 +126,13 @@ router.post("/mbkauthe/api/terminateAllSessions", authenticate(mbkautheVar.Main_
         console.log("Error destroying session:", err);
         return res.status(500).json({ success: false, message: "Failed to terminate sessions" });
       }
       // Clear all cookies with proper domain
       const cookieOptions = getCookieOptions();
       res.clearCookie("mbkauthe.sid", cookieOptions);
       res.clearCookie("sessionId", cookieOptions);
       res.clearCookie("username", cookieOptions);
       console.log("All sessions terminated successfully");
       res.status(200).json({
         success: true,
@@ -273,11 +277,13 @@ router.post("/mbkauthe/api/logout", async (req, res) => {
   if (req.session.user) {
     try {
       const { id, username } = req.session.user;
-      const query = `SELECT "Active" FROM "Users" WHERE "id" = $1`;
-      const result = await dblogin.query(query, [id]);
-      if (result.rows.length > 0 && !result.rows[0].Active) {
-        console.log("Account is inactive during logout");
+      // Clear the SessionId in the database first
+      await dblogin.query(`UPDATE "Users" SET "SessionId" = NULL WHERE "id" = $1`, [id]);
+      // Remove the session from the session table
+      if (req.sessionID) {
+        await dblogin.query('DELETE FROM "session" WHERE sid = $1', [req.sessionID]);
       }
       req.session.destroy((err) => {
@@ -285,13 +291,13 @@ router.post("/mbkauthe/api/logout", async (req, res) => {
           console.log("Error destroying session:", err);
           return res.status(500).json({ success: false, message: "Logout failed" });
         }
         // Clear all cookies with proper domain
         const cookieOptions = getCookieOptions();
         res.clearCookie("mbkauthe.sid", cookieOptions);
         res.clearCookie("sessionId", cookieOptions);
         res.clearCookie("username", cookieOptions);
         console.log(`User "${username}" logged out successfully`);
         res.status(200).json({ success: true, message: "Logout successful" });
       });

package/lib/validateSessionAndRole.js CHANGED Viewed

@@ -3,6 +3,7 @@ const mbkautheVar = JSON.parse(process.env.mbkautheVar);
 // Get consistent cookie options
 const getCookieOptions = () => ({
+  maxAge: COOKIE_EXPIRE_TIME,
   domain: mbkautheVar.IS_DEPLOYED === 'true' ? `.${mbkautheVar.DOMAIN}` : undefined,
   secure: mbkautheVar.IS_DEPLOYED === 'true' ? 'auto' : false,
   sameSite: 'lax',

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mbkauthe",
-  "version": "1.0.17",
+  "version": "1.0.19",
   "description": "MBKTechStudio's reusable authentication system for Node.js applications.",
   "main": "index.js",
   "type": "module",