npm - strapi-plugin-magic-sessionmanager - Versions diffs - 3.6.0 → 4.0.0 - Mend

strapi-plugin-magic-sessionmanager 3.6.0 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/README.md +104 -0
package/admin/src/hooks/useLicense.js +1 -1
package/admin/src/index.js +5 -2
package/admin/src/pages/Settings.jsx +0 -1
package/admin/src/translations/es.json +21 -0
package/admin/src/translations/fr.json +21 -0
package/admin/src/translations/pt.json +21 -0
package/admin/src/utils/parseUserAgent.js +1 -1
package/dist/_chunks/{Analytics-DRzCKaDF.js → Analytics-ioaeEh-E.js} +2 -2
package/dist/_chunks/{Analytics-CwyLwdOZ.mjs → Analytics-mYu_uGwU.mjs} +2 -2
package/dist/_chunks/{App-Zhs_vt59.mjs → App-BXpIS12l.mjs} +2 -2
package/dist/_chunks/{App-nGu2Eb87.js → App-DdnUYWbC.js} +2 -2
package/dist/_chunks/{License-CPI0p_W8.mjs → License-C03C2j9P.mjs} +1 -1
package/dist/_chunks/{License-k5vvhgKr.js → License-DZYrOgcx.js} +1 -1
package/dist/_chunks/{Settings-CL2im8M3.mjs → Settings-0ocB3qHk.mjs} +2 -2
package/dist/_chunks/{Settings-Lkmxisuv.js → Settings-C6_CqpCC.js} +2 -2
package/dist/_chunks/es-CuLHazN1.js +23 -0
package/dist/_chunks/es-Dkmjhy9c.mjs +23 -0
package/dist/_chunks/fr-BAJp2yhI.js +23 -0
package/dist/_chunks/fr-Bssg_3UF.mjs +23 -0
package/dist/_chunks/{index-B-0VPfeF.mjs → index-DBRS3kt5.mjs} +11 -8
package/dist/_chunks/{index-W_QbTAYU.js → index-DC8Y0qxx.js} +11 -8
package/dist/_chunks/pt-BAP9cKs3.js +23 -0
package/dist/_chunks/pt-BVNoNcuY.mjs +23 -0
package/dist/_chunks/{useLicense-DUGjNbQ9.mjs → useLicense-DSLL9n3Y.mjs} +2 -2
package/dist/_chunks/{useLicense-C_Rneohy.js → useLicense-qgGfMvse.js} +2 -2
package/dist/admin/index.js +1 -1
package/dist/admin/index.mjs +1 -1
package/dist/server/index.js +117 -95
package/dist/server/index.mjs +117 -95
package/package.json +1 -1
package/server/src/bootstrap.js +32 -26
package/server/src/controllers/license.js +4 -4
package/server/src/controllers/session.js +10 -6
package/server/src/destroy.js +1 -1
package/server/src/middlewares/last-seen.js +8 -3
package/server/src/register.js +4 -4
package/server/src/services/geolocation.js +4 -2
package/server/src/services/license-guard.js +13 -10
package/server/src/services/notifications.js +10 -10
package/server/src/services/service.js +1 -1
package/server/src/services/session.js +41 -31
package/server/src/utils/encryption.js +1 -1

package/server/src/services/session.js CHANGED Viewed

@@ -9,11 +9,17 @@ const { encryptToken, decryptToken, generateSessionId } = require('../utils/encr
  *
  * SECURITY: JWT tokens are encrypted before storing in database using AES-256-GCM
  *
+ * [SUCCESS] Migrated to strapi.documents() API (Strapi v5 Best Practice)
+ *
  * TODO: For production multi-instance deployments, use Redis for:
  *   - Session store instead of DB
  *   - Rate limiting locks
  *   - Distributed session state
  */
+const SESSION_UID = 'plugin::magic-sessionmanager.session';
+const USER_UID = 'plugin::users-permissions.user';
 module.exports = ({ strapi }) => ({
   /**
    * Create a new session record
@@ -31,21 +37,22 @@ module.exports = ({ strapi }) => ({
       const encryptedToken = token ? encryptToken(token) : null;
       const encryptedRefreshToken = refreshToken ? encryptToken(refreshToken) : null;
-      const session = await strapi.entityService.create('plugin::magic-sessionmanager.session', {
+      // Using Document Service API (Strapi v5)
+      const session = await strapi.documents(SESSION_UID).create({
         data: {
-          user: userId,
+          user: userId, // userId should be documentId (string)
           ipAddress: ip.substring(0, 45),
           userAgent: userAgent.substring(0, 500),
           loginTime: now,
           lastActive: now,
           isActive: true,
-          token: encryptedToken,              // ✅ Encrypted Access Token
-          refreshToken: encryptedRefreshToken, // ✅ Encrypted Refresh Token
-          sessionId: sessionId,                // ✅ Unique identifier
+          token: encryptedToken,              // [SUCCESS] Encrypted Access Token
+          refreshToken: encryptedRefreshToken, // [SUCCESS] Encrypted Refresh Token
+          sessionId: sessionId,                // [SUCCESS] Unique identifier
         },
       });
-      strapi.log.info(`[magic-sessionmanager] ✅ Session ${session.id} (${sessionId}) created for user ${userId}`);
+      strapi.log.info(`[magic-sessionmanager] [SUCCESS] Session ${session.documentId} (${sessionId}) created for user ${userId}`);
       return session;
     } catch (err) {
@@ -64,7 +71,9 @@ module.exports = ({ strapi }) => ({
       const now = new Date();
       if (sessionId) {
-        await strapi.entityService.update('plugin::magic-sessionmanager.session', sessionId, {
+        // Using Document Service API (Strapi v5)
+        await strapi.documents(SESSION_UID).update({
+          documentId: sessionId,
           data: {
             isActive: false,
             logoutTime: now,
@@ -73,17 +82,18 @@ module.exports = ({ strapi }) => ({
         strapi.log.info(`[magic-sessionmanager] Session ${sessionId} terminated`);
       } else if (userId) {
-        // Find all active sessions for user
-        const activeSessions = await strapi.entityService.findMany('plugin::magic-sessionmanager.session', {
+        // Find all active sessions for user - use Deep Filtering (Strapi v5)
+        const activeSessions = await strapi.documents(SESSION_UID).findMany({
           filters: {
-            user: { id: userId },
+            user: { documentId: userId }, // Deep filtering syntax
             isActive: true,
           },
         });
         // Terminate all active sessions
         for (const session of activeSessions) {
-          await strapi.entityService.update('plugin::magic-sessionmanager.session', session.id, {
+          await strapi.documents(SESSION_UID).update({
+            documentId: session.documentId,
             data: {
               isActive: false,
               logoutTime: now,
@@ -105,7 +115,7 @@ module.exports = ({ strapi }) => ({
    */
   async getAllSessions() {
     try {
-      const sessions = await strapi.entityService.findMany('plugin::magic-sessionmanager.session', {
+      const sessions = await strapi.documents(SESSION_UID).findMany( {
         populate: { user: { fields: ['id', 'email', 'username'] } },
         sort: { loginTime: 'desc' },
         limit: 1000, // Reasonable limit
@@ -147,7 +157,7 @@ module.exports = ({ strapi }) => ({
    */
   async getActiveSessions() {
     try {
-      const sessions = await strapi.entityService.findMany('plugin::magic-sessionmanager.session', {
+      const sessions = await strapi.documents(SESSION_UID).findMany( {
         filters: { isActive: true },
         populate: { user: { fields: ['id', 'email', 'username'] } },
         sort: { loginTime: 'desc' },
@@ -191,8 +201,8 @@ module.exports = ({ strapi }) => ({
    */
   async getUserSessions(userId) {
     try {
-      const sessions = await strapi.entityService.findMany('plugin::magic-sessionmanager.session', {
-        filters: { user: { id: userId } },
+      const sessions = await strapi.documents(SESSION_UID).findMany( {
+        filters: { user: { documentId: userId } },
         sort: { loginTime: 'desc' },
       });
@@ -241,20 +251,20 @@ module.exports = ({ strapi }) => ({
       // Update session lastActive only
       if (sessionId) {
-        const session = await strapi.entityService.findOne('plugin::magic-sessionmanager.session', sessionId);
+        const session = await strapi.documents(SESSION_UID).findOne({ documentId: sessionId });
         if (session && session.lastActive) {
           const lastActiveTime = new Date(session.lastActive).getTime();
           const currentTime = now.getTime();
           if (currentTime - lastActiveTime > rateLimit) {
-            await strapi.entityService.update('plugin::magic-sessionmanager.session', sessionId, {
+            await strapi.documents(SESSION_UID).update({ documentId: sessionId,
               data: { lastActive: now },
             });
           }
         } else if (session) {
           // First time or null
-          await strapi.entityService.update('plugin::magic-sessionmanager.session', sessionId, {
+          await strapi.documents(SESSION_UID).update({ documentId: sessionId,
             data: { lastActive: now },
           });
         }
@@ -279,12 +289,12 @@ module.exports = ({ strapi }) => ({
       const now = new Date();
       const cutoffTime = new Date(now.getTime() - inactivityTimeout);
-      strapi.log.info(`[magic-sessionmanager] 🧹 Cleaning up sessions inactive since before ${cutoffTime.toISOString()}`);
+      strapi.log.info(`[magic-sessionmanager] [CLEANUP] Cleaning up sessions inactive since before ${cutoffTime.toISOString()}`);
       // Find all active sessions
-      const activeSessions = await strapi.entityService.findMany('plugin::magic-sessionmanager.session', {
+      const activeSessions = await strapi.documents(SESSION_UID).findMany({
         filters: { isActive: true },
-        fields: ['id', 'lastActive', 'loginTime'],
+        fields: ['lastActive', 'loginTime'],
       });
       // Deactivate old sessions
@@ -293,14 +303,15 @@ module.exports = ({ strapi }) => ({
         const lastActiveTime = session.lastActive ? new Date(session.lastActive) : new Date(session.loginTime);
         if (lastActiveTime < cutoffTime) {
-          await strapi.entityService.update('plugin::magic-sessionmanager.session', session.id, {
+          await strapi.documents(SESSION_UID).update({
+            documentId: session.documentId,
             data: { isActive: false },
           });
           deactivatedCount++;
         }
       }
-      strapi.log.info(`[magic-sessionmanager] ✅ Cleanup complete: ${deactivatedCount} sessions deactivated`);
+      strapi.log.info(`[magic-sessionmanager] [SUCCESS] Cleanup complete: ${deactivatedCount} sessions deactivated`);
       return deactivatedCount;
     } catch (err) {
       strapi.log.error('[magic-sessionmanager] Error cleaning up inactive sessions:', err);
@@ -316,8 +327,8 @@ module.exports = ({ strapi }) => ({
    */
   async deleteSession(sessionId) {
     try {
-      await strapi.entityService.delete('plugin::magic-sessionmanager.session', sessionId);
-      strapi.log.info(`[magic-sessionmanager] 🗑️ Session ${sessionId} permanently deleted`);
+      await strapi.documents(SESSION_UID).delete({ documentId: sessionId });
+      strapi.log.info(`[magic-sessionmanager] [DELETE] Session ${sessionId} permanently deleted`);
       return true;
     } catch (err) {
       strapi.log.error('[magic-sessionmanager] Error deleting session:', err);
@@ -332,23 +343,22 @@ module.exports = ({ strapi }) => ({
    */
   async deleteInactiveSessions() {
     try {
-      strapi.log.info('[magic-sessionmanager] 🗑️ Deleting all inactive sessions...');
+      strapi.log.info('[magic-sessionmanager] [DELETE] Deleting all inactive sessions...');
-      // Find all inactive sessions
-      const inactiveSessions = await strapi.entityService.findMany('plugin::magic-sessionmanager.session', {
+      // Find all inactive sessions (documentId is always included automatically)
+      const inactiveSessions = await strapi.documents(SESSION_UID).findMany({
         filters: { isActive: false },
-        fields: ['id'],
       });
       let deletedCount = 0;
       // Delete each inactive session
       for (const session of inactiveSessions) {
-        await strapi.entityService.delete('plugin::magic-sessionmanager.session', session.id);
+        await strapi.documents(SESSION_UID).delete({ documentId: session.documentId });
         deletedCount++;
       }
-      strapi.log.info(`[magic-sessionmanager] ✅ Deleted ${deletedCount} inactive sessions`);
+      strapi.log.info(`[magic-sessionmanager] [SUCCESS] Deleted ${deletedCount} inactive sessions`);
       return deletedCount;
     } catch (err) {
       strapi.log.error('[magic-sessionmanager] Error deleting inactive sessions:', err);

package/server/src/utils/encryption.js CHANGED Viewed

@@ -31,7 +31,7 @@ function getEncryptionKey() {
   const strapiKeys = process.env.APP_KEYS || process.env.API_TOKEN_SALT || 'default-insecure-key';
   const key = crypto.createHash('sha256').update(strapiKeys).digest();
-  console.warn('[magic-sessionmanager/encryption] ⚠️  No SESSION_ENCRYPTION_KEY found. Using fallback (not recommended for production).');
+  console.warn('[magic-sessionmanager/encryption] [WARNING]  No SESSION_ENCRYPTION_KEY found. Using fallback (not recommended for production).');
   console.warn('[magic-sessionmanager/encryption] Set SESSION_ENCRYPTION_KEY in .env for better security.');
   return key;