strapi-plugin-magic-sessionmanager 4.2.14 → 4.2.16

package/dist/_chunks/{Analytics-DTE_zmRV.mjs → Analytics-BC4jdzBT.mjs}

@@ -4,8 +4,8 @@ import { useFetchClient } from "@strapi/strapi/admin";
 import styled, { css, keyframes } from "styled-components";
 import { Loader, Typography, Box, Flex, Badge } from "@strapi/design-system";
 import { ChartBubble, Crown, User, Clock, Monitor } from "@strapi/icons";
-import { a as pluginId } from "./index-DQO9bNP7.mjs";
-import { u as useLicense } from "./useLicense-DxbD4Wf8.mjs";
+import { a as pluginId } from "./index-CUSrDKCG.mjs";
+import { u as useLicense } from "./useLicense-xjKLHcVq.mjs";
 const theme = {
   colors: {
     primary: { 100: "#E0F2FE", 500: "#0EA5E9", 600: "#0284C7" },

package/dist/_chunks/{Analytics-lw_JaOVy.js → Analytics-D6RGeWO5.js}

@@ -6,8 +6,8 @@ const admin = require("@strapi/strapi/admin");
 const styled = require("styled-components");
 const designSystem = require("@strapi/design-system");
 const icons = require("@strapi/icons");
-const index = require("./index-CWcvrfXc.js");
-const useLicense = require("./useLicense-DtvJOszr.js");
+const index = require("./index-BuxWeACw.js");
+const useLicense = require("./useLicense-D7FSpX8c.js");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const styled__default = /* @__PURE__ */ _interopDefault(styled);
 const theme = {

package/dist/_chunks/{App-DDKYCjKw.js → App-BkaaNOpt.js}

@@ -5,10 +5,10 @@ const react = require("react");
 const reactIntl = require("react-intl");
 const admin = require("@strapi/strapi/admin");
 const styled = require("styled-components");
-const index = require("./index-CWcvrfXc.js");
+const index = require("./index-BuxWeACw.js");
 const designSystem = require("@strapi/design-system");
 const icons = require("@strapi/icons");
-const useLicense = require("./useLicense-DtvJOszr.js");
+const useLicense = require("./useLicense-D7FSpX8c.js");
 const reactRouterDom = require("react-router-dom");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const styled__default = /* @__PURE__ */ _interopDefault(styled);

package/dist/_chunks/{App-DJW1ZNl5.mjs → App-CahdcIEB.mjs}

@@ -3,10 +3,10 @@ import { useState, useEffect } from "react";
 import { useIntl } from "react-intl";
 import { useFetchClient, useNotification } from "@strapi/strapi/admin";
 import styled, { css, keyframes } from "styled-components";
-import { p as parseUserAgent, a as pluginId, g as getTranslation } from "./index-DQO9bNP7.mjs";
+import { p as parseUserAgent, a as pluginId, g as getTranslation } from "./index-CUSrDKCG.mjs";
 import { Modal, Flex, Box, Typography, Badge, Divider, Button, Loader, SingleSelect, SingleSelectOption, Thead, Tr, Th, Tbody, Td, Table, TextInput } from "@strapi/design-system";
 import { Check, Information, Monitor, Server, Clock, Cross, Earth, Shield, Crown, Phone, Download, User, Eye, Trash, Search, Key } from "@strapi/icons";
-import { u as useLicense } from "./useLicense-DxbD4Wf8.mjs";
+import { u as useLicense } from "./useLicense-xjKLHcVq.mjs";
 import { useNavigate } from "react-router-dom";
 const theme = {
   colors: {

package/dist/_chunks/{License-DaOFuImm.mjs → License-BFx721o7.mjs}

@@ -4,7 +4,7 @@ import { Loader, Box, Alert, Flex, Typography, Button, Badge, Accordion } from "
 import { useFetchClient, useNotification } from "@strapi/strapi/admin";
 import { ArrowClockwise, Duplicate, Download, User, Shield, Sparkle, ChartBubble } from "@strapi/icons";
 import styled, { css, keyframes } from "styled-components";
-import { a as pluginId } from "./index-DQO9bNP7.mjs";
+import { a as pluginId } from "./index-CUSrDKCG.mjs";
 const theme = {
   borderRadius: { lg: "12px" }
 };

package/dist/_chunks/{License-Tk-6UfPl.js → License-C8VnKtV1.js}

@@ -6,7 +6,7 @@ const designSystem = require("@strapi/design-system");
 const admin = require("@strapi/strapi/admin");
 const icons = require("@strapi/icons");
 const styled = require("styled-components");
-const index = require("./index-CWcvrfXc.js");
+const index = require("./index-BuxWeACw.js");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const styled__default = /* @__PURE__ */ _interopDefault(styled);
 const theme = {

package/dist/_chunks/{OnlineUsersWidget-CADphbXG.mjs → OnlineUsersWidget-r2ZgSnok.mjs}

@@ -4,7 +4,7 @@ import { useIntl } from "react-intl";
 import { Box, Typography, Flex, Grid } from "@strapi/design-system";
 import { Check, Cross, Clock, User } from "@strapi/icons";
 import { useFetchClient } from "@strapi/strapi/admin";
-import { g as getTranslation } from "./index-DQO9bNP7.mjs";
+import { g as getTranslation } from "./index-CUSrDKCG.mjs";
 const OnlineUsersWidget = () => {
   const { formatMessage } = useIntl();
   const { get } = useFetchClient();

package/dist/_chunks/{OnlineUsersWidget-C1qTpsws.js → OnlineUsersWidget-uJ6DZB_N.js}

@@ -6,7 +6,7 @@ const reactIntl = require("react-intl");
 const designSystem = require("@strapi/design-system");
 const icons = require("@strapi/icons");
 const admin = require("@strapi/strapi/admin");
-const index = require("./index-CWcvrfXc.js");
+const index = require("./index-BuxWeACw.js");
 const OnlineUsersWidget = () => {
   const { formatMessage } = reactIntl.useIntl();
   const { get } = admin.useFetchClient();

package/dist/_chunks/{Settings-C9xvckgq.mjs → Settings-DOUUwwxB.mjs}

@@ -5,8 +5,8 @@ import { Flex, Loader, Typography, Button, Box, Badge, Accordion, Grid, SingleSe
 import { useFetchClient, useNotification } from "@strapi/strapi/admin";
 import { Check, Information, Cog, Trash, Shield, Code, Duplicate, Mail } from "@strapi/icons";
 import styled, { css, keyframes } from "styled-components";
-import { a as pluginId, g as getTranslation } from "./index-DQO9bNP7.mjs";
-import { u as useLicense } from "./useLicense-DxbD4Wf8.mjs";
+import { a as pluginId, g as getTranslation } from "./index-CUSrDKCG.mjs";
+import { u as useLicense } from "./useLicense-xjKLHcVq.mjs";
 const theme = {
   colors: {
     primary: { 600: "#0284C7", 700: "#075985", 100: "#E0F2FE", 50: "#F0F9FF" },

package/dist/_chunks/{Settings-DyEAuTNQ.js → Settings-jtZRw_VP.js}

@@ -7,8 +7,8 @@ const designSystem = require("@strapi/design-system");
 const admin = require("@strapi/strapi/admin");
 const icons = require("@strapi/icons");
 const styled = require("styled-components");
-const index = require("./index-CWcvrfXc.js");
-const useLicense = require("./useLicense-DtvJOszr.js");
+const index = require("./index-BuxWeACw.js");
+const useLicense = require("./useLicense-D7FSpX8c.js");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const styled__default = /* @__PURE__ */ _interopDefault(styled);
 const theme = {

package/dist/_chunks/{UpgradePage-Dssk8A0Z.js → UpgradePage-Bwy_1m6f.js}

@@ -6,7 +6,7 @@ const admin = require("@strapi/strapi/admin");
 const styled = require("styled-components");
 const designSystem = require("@strapi/design-system");
 const icons = require("@strapi/icons");
-const index = require("./index-CWcvrfXc.js");
+const index = require("./index-BuxWeACw.js");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const styled__default = /* @__PURE__ */ _interopDefault(styled);
 const Container = styled__default.default(designSystem.Box)`

package/dist/_chunks/{UpgradePage-cINvE9zY.mjs → UpgradePage-mqr6dLVY.mjs}

@@ -4,7 +4,7 @@ import { useFetchClient, useNotification } from "@strapi/strapi/admin";
 import styled from "styled-components";
 import { Flex, Typography, Box, Badge, Button } from "@strapi/design-system";
 import { Check, Cross, Sparkle, Lightning, Rocket } from "@strapi/icons";
-import { a as pluginId } from "./index-DQO9bNP7.mjs";
+import { a as pluginId } from "./index-CUSrDKCG.mjs";
 const Container = styled(Box)`
   padding: 32px;
   max-width: 1400px;

package/dist/_chunks/{index-CWcvrfXc.js → index-BuxWeACw.js}

@@ -391,19 +391,19 @@ const name = pluginPkg.strapi.name;
 const index = {
   register(app) {
     app.addMenuLink({
-      to: `/plugins/${pluginId}`,
+      to: `plugins/${pluginId}`,
       icon: PluginIcon,
       intlLabel: {
         id: `${pluginId}.plugin.name`,
         defaultMessage: pluginPkg.strapi.displayName
       },
-      Component: () => Promise.resolve().then(() => require("./App-DDKYCjKw.js"))
+      Component: () => Promise.resolve().then(() => require("./App-BkaaNOpt.js"))
     });
     app.createSettingSection(
       {
         intlLabel: { id: `${pluginId}.settings.section`, defaultMessage: "Sessions" },
         id: pluginId,
-        to: `/settings/${pluginId}`
+        to: pluginId
       },
       [
         {
@@ -412,8 +412,8 @@ const index = {
             defaultMessage: "Upgrade"
           },
           id: "upgrade",
-          to: `/settings/${pluginId}/upgrade`,
-          Component: () => Promise.resolve().then(() => require("./UpgradePage-Dssk8A0Z.js"))
+          to: `${pluginId}/upgrade`,
+          Component: () => Promise.resolve().then(() => require("./UpgradePage-Bwy_1m6f.js"))
         },
         {
           intlLabel: {
@@ -421,8 +421,8 @@ const index = {
             defaultMessage: "General"
           },
           id: "general",
-          to: `/settings/${pluginId}/general`,
-          Component: () => Promise.resolve().then(() => require("./Settings-DyEAuTNQ.js"))
+          to: `${pluginId}/general`,
+          Component: () => Promise.resolve().then(() => require("./Settings-jtZRw_VP.js"))
         },
         {
           intlLabel: {
@@ -430,8 +430,8 @@ const index = {
             defaultMessage: "Analytics"
           },
           id: "analytics",
-          to: `/settings/${pluginId}/analytics`,
-          Component: () => Promise.resolve().then(() => require("./Analytics-lw_JaOVy.js"))
+          to: `${pluginId}/analytics`,
+          Component: () => Promise.resolve().then(() => require("./Analytics-D6RGeWO5.js"))
         },
         {
           intlLabel: {
@@ -439,8 +439,8 @@ const index = {
             defaultMessage: "License"
           },
           id: "license",
-          to: `/settings/${pluginId}/license`,
-          Component: () => Promise.resolve().then(() => require("./License-Tk-6UfPl.js"))
+          to: `${pluginId}/license`,
+          Component: () => Promise.resolve().then(() => require("./License-C8VnKtV1.js"))
         }
       ]
     );
@@ -458,7 +458,7 @@ const index = {
           defaultMessage: "Online Users"
         },
         component: async () => {
-          const component = await Promise.resolve().then(() => require("./OnlineUsersWidget-C1qTpsws.js"));
+          const component = await Promise.resolve().then(() => require("./OnlineUsersWidget-uJ6DZB_N.js"));
           return component.default;
         },
         id: "online-users-widget",

package/dist/_chunks/{index-DQO9bNP7.mjs → index-CUSrDKCG.mjs}

@@ -390,19 +390,19 @@ const name = pluginPkg.strapi.name;
 const index = {
   register(app) {
     app.addMenuLink({
-      to: `/plugins/${pluginId}`,
+      to: `plugins/${pluginId}`,
       icon: PluginIcon,
       intlLabel: {
         id: `${pluginId}.plugin.name`,
         defaultMessage: pluginPkg.strapi.displayName
       },
-      Component: () => import("./App-DJW1ZNl5.mjs")
+      Component: () => import("./App-CahdcIEB.mjs")
     });
     app.createSettingSection(
       {
         intlLabel: { id: `${pluginId}.settings.section`, defaultMessage: "Sessions" },
         id: pluginId,
-        to: `/settings/${pluginId}`
+        to: pluginId
       },
       [
         {
@@ -411,8 +411,8 @@ const index = {
             defaultMessage: "Upgrade"
           },
           id: "upgrade",
-          to: `/settings/${pluginId}/upgrade`,
-          Component: () => import("./UpgradePage-cINvE9zY.mjs")
+          to: `${pluginId}/upgrade`,
+          Component: () => import("./UpgradePage-mqr6dLVY.mjs")
         },
         {
           intlLabel: {
@@ -420,8 +420,8 @@ const index = {
             defaultMessage: "General"
           },
           id: "general",
-          to: `/settings/${pluginId}/general`,
-          Component: () => import("./Settings-C9xvckgq.mjs")
+          to: `${pluginId}/general`,
+          Component: () => import("./Settings-DOUUwwxB.mjs")
         },
         {
           intlLabel: {
@@ -429,8 +429,8 @@ const index = {
             defaultMessage: "Analytics"
           },
           id: "analytics",
-          to: `/settings/${pluginId}/analytics`,
-          Component: () => import("./Analytics-DTE_zmRV.mjs")
+          to: `${pluginId}/analytics`,
+          Component: () => import("./Analytics-BC4jdzBT.mjs")
         },
         {
           intlLabel: {
@@ -438,8 +438,8 @@ const index = {
             defaultMessage: "License"
           },
           id: "license",
-          to: `/settings/${pluginId}/license`,
-          Component: () => import("./License-DaOFuImm.mjs")
+          to: `${pluginId}/license`,
+          Component: () => import("./License-BFx721o7.mjs")
         }
       ]
     );
@@ -457,7 +457,7 @@ const index = {
           defaultMessage: "Online Users"
         },
         component: async () => {
-          const component = await import("./OnlineUsersWidget-CADphbXG.mjs");
+          const component = await import("./OnlineUsersWidget-r2ZgSnok.mjs");
           return component.default;
         },
         id: "online-users-widget",

package/dist/_chunks/{useLicense-DtvJOszr.js → useLicense-D7FSpX8c.js}

@@ -1,7 +1,7 @@
 "use strict";
 const react = require("react");
 const admin = require("@strapi/strapi/admin");
-const index = require("./index-CWcvrfXc.js");
+const index = require("./index-BuxWeACw.js");
 const useLicense = () => {
   const { get } = admin.useFetchClient();
   const [isPremium, setIsPremium] = react.useState(false);

package/dist/_chunks/{useLicense-DxbD4Wf8.mjs → useLicense-xjKLHcVq.mjs}

@@ -1,6 +1,6 @@
 import { useState, useEffect } from "react";
 import { useFetchClient } from "@strapi/strapi/admin";
-import { a as pluginId } from "./index-DQO9bNP7.mjs";
+import { a as pluginId } from "./index-CUSrDKCG.mjs";
 const useLicense = () => {
   const { get } = useFetchClient();
   const [isPremium, setIsPremium] = useState(false);

package/dist/admin/index.js

@@ -1,3 +1,3 @@
 "use strict";
-const index = require("../_chunks/index-CWcvrfXc.js");
+const index = require("../_chunks/index-BuxWeACw.js");
 module.exports = index.index;

package/dist/admin/index.mjs

@@ -1,4 +1,4 @@
-import { i } from "../_chunks/index-DQO9bNP7.mjs";
+import { i } from "../_chunks/index-CUSrDKCG.mjs";
 export {
   i as default
 };

package/dist/server/index.js

@@ -206,7 +206,7 @@ function generateSessionId$1(userId) {
   const userHash = crypto$1.createHash("sha256").update(userId.toString()).digest("hex").substring(0, 8);
   return `sess_${timestamp}_${userHash}_${randomBytes}`;
 }
-function hashToken$4(token) {
+function hashToken$3(token) {
   if (!token) return null;
   return crypto$1.createHash("sha256").update(token).digest("hex");
 }
@@ -214,113 +214,63 @@ var encryption = {
   encryptToken: encryptToken$2,
   decryptToken: decryptToken$3,
   generateSessionId: generateSessionId$1,
-  hashToken: hashToken$4
+  hashToken: hashToken$3
 };
 const SESSION_UID$3 = "plugin::magic-sessionmanager.session";
-const { hashToken: hashToken$3 } = encryption;
-const lastTouchCache = /* @__PURE__ */ new Map();
-const CACHE_MAX_SIZE = 1e4;
-const CACHE_CLEANUP_AGE = 60 * 60 * 1e3;
-function cleanupOldCacheEntries() {
-  if (lastTouchCache.size < CACHE_MAX_SIZE) return;
-  const now = Date.now();
-  const cutoff = now - CACHE_CLEANUP_AGE;
-  for (const [key, timestamp] of lastTouchCache.entries()) {
-    if (timestamp < cutoff) {
-      lastTouchCache.delete(key);
-    }
-  }
+const AUTH_PATTERNS = [
+  "/auth/",
+  // All /api/auth/* endpoints (login, logout, refresh, etc.)
+  "/magic-link/",
+  // All Magic-Link endpoints
+  "/passwordless/",
+  // Legacy passwordless endpoints
+  "/otp/",
+  // OTP endpoints (any plugin)
+  "/login",
+  // Any login endpoint
+  "/register",
+  // Any register endpoint
+  "/forgot-password",
+  // Password reset
+  "/reset-password"
+  // Password reset
+];
+function isAuthEndpoint(path) {
+  return AUTH_PATTERNS.some((pattern) => path.includes(pattern));
 }
-var lastSeen = ({ strapi: strapi2 }) => {
+var lastSeen = ({ strapi: strapi2, sessionService }) => {
   return async (ctx, next) => {
-    const currentToken = ctx.request.headers.authorization?.replace("Bearer ", "");
-    if (!currentToken) {
-      await next();
-      return;
-    }
-    const skipPaths = [
-      "/admin",
-      // Admin panel UI
-      "/content-manager",
-      // Content Manager
-      "/content-type-builder",
-      // Content-Type Builder
-      "/upload",
-      // Media Library
-      "/i18n",
-      // Internationalization
-      "/users-permissions",
-      // Users & Permissions settings
-      "/email",
-      // Email plugin
-      "/_health",
-      // Health check
-      "/favicon.ico",
-      // Static assets
-      "/api/auth/local",
-      // Login endpoint
-      "/api/auth/register",
-      // Registration endpoint
-      "/api/auth/forgot-password",
-      // Password reset
-      "/api/auth/reset-password",
-      // Password reset
-      "/api/auth/logout",
-      // Logout endpoint (handled separately)
-      "/api/auth/refresh",
-      // Refresh token (has own validation in bootstrap.js)
-      "/api/connect",
-      // OAuth providers
-      "/api/magic-link"
-      // Magic link auth (if using magic-link plugin)
-    ];
-    if (skipPaths.some((p) => ctx.path.startsWith(p))) {
-      await next();
-      return;
-    }
-    if (!ctx.path.startsWith("/api/")) {
+    if (isAuthEndpoint(ctx.path)) {
       await next();
       return;
     }
-    let matchingSession = null;
-    try {
-      const currentTokenHash = hashToken$3(currentToken);
-      matchingSession = await strapi2.documents(SESSION_UID$3).findFirst({
-        filters: {
-          tokenHash: currentTokenHash,
-          isActive: true
-        },
-        populate: { user: { fields: ["documentId"] } }
-      });
-      if (matchingSession) {
-        ctx.state.sessionId = matchingSession.documentId;
-        ctx.state.currentSession = matchingSession;
-        if (matchingSession.user?.documentId) {
-          ctx.state.sessionUserId = matchingSession.user.documentId;
+    if (ctx.state.user && ctx.state.user.documentId) {
+      try {
+        const userId = ctx.state.user.documentId;
+        const activeSessions = await strapi2.documents(SESSION_UID$3).findMany({
+          filters: {
+            user: { documentId: userId },
+            isActive: true
+          },
+          limit: 1
+        });
+        if (!activeSessions || activeSessions.length === 0) {
+          strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Request blocked - session terminated or invalid (user: ${userId.substring(0, 8)}...)`);
+          return ctx.unauthorized("All sessions have been terminated. Please login again.");
         }
-      } else {
-        strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Request blocked - session terminated or invalid (token hash: ${currentTokenHash.substring(0, 8)}...)`);
-        return ctx.unauthorized("This session has been terminated. Please login again.");
+      } catch (err) {
+        strapi2.log.debug("[magic-sessionmanager] Error checking active sessions:", err.message);
       }
-    } catch (err) {
-      strapi2.log.debug("[magic-sessionmanager] Error checking session:", err.message);
     }
     await next();
-    if (matchingSession) {
+    if (ctx.state.user && ctx.state.user.documentId) {
       try {
-        const config2 = strapi2.config.get("plugin::magic-sessionmanager") || {};
-        const rateLimit = config2.lastSeenRateLimit || 3e4;
-        const now = Date.now();
-        const lastTouch = lastTouchCache.get(matchingSession.documentId) || 0;
-        if (now - lastTouch > rateLimit) {
-          lastTouchCache.set(matchingSession.documentId, now);
-          cleanupOldCacheEntries();
-          await strapi2.documents(SESSION_UID$3).update({
-            documentId: matchingSession.documentId,
-            data: { lastActive: /* @__PURE__ */ new Date() }
-          });
-          strapi2.log.debug(`[magic-sessionmanager] [TOUCH] Session ${matchingSession.documentId} activity updated`);
-        }
+        const userId = ctx.state.user.documentId;
+        const sessionId = ctx.state.sessionId;
+        await sessionService.touch({
+          userId,
+          sessionId
+        });
       } catch (err) {
         strapi2.log.debug("[magic-sessionmanager] Error updating lastSeen:", err.message);
       }
@@ -2484,7 +2434,7 @@ var session$1 = ({ strapi: strapi2 }) => {
     }
   };
 };
-const version = "4.2.13";
+const version = "4.2.15";
 const require$$2 = {
   version
 };

package/dist/server/index.mjs

@@ -202,7 +202,7 @@ function generateSessionId$1(userId) {
   const userHash = crypto$1.createHash("sha256").update(userId.toString()).digest("hex").substring(0, 8);
   return `sess_${timestamp}_${userHash}_${randomBytes}`;
 }
-function hashToken$4(token) {
+function hashToken$3(token) {
   if (!token) return null;
   return crypto$1.createHash("sha256").update(token).digest("hex");
 }
@@ -210,113 +210,63 @@ var encryption = {
   encryptToken: encryptToken$2,
   decryptToken: decryptToken$3,
   generateSessionId: generateSessionId$1,
-  hashToken: hashToken$4
+  hashToken: hashToken$3
 };
 const SESSION_UID$3 = "plugin::magic-sessionmanager.session";
-const { hashToken: hashToken$3 } = encryption;
-const lastTouchCache = /* @__PURE__ */ new Map();
-const CACHE_MAX_SIZE = 1e4;
-const CACHE_CLEANUP_AGE = 60 * 60 * 1e3;
-function cleanupOldCacheEntries() {
-  if (lastTouchCache.size < CACHE_MAX_SIZE) return;
-  const now = Date.now();
-  const cutoff = now - CACHE_CLEANUP_AGE;
-  for (const [key, timestamp] of lastTouchCache.entries()) {
-    if (timestamp < cutoff) {
-      lastTouchCache.delete(key);
-    }
-  }
+const AUTH_PATTERNS = [
+  "/auth/",
+  // All /api/auth/* endpoints (login, logout, refresh, etc.)
+  "/magic-link/",
+  // All Magic-Link endpoints
+  "/passwordless/",
+  // Legacy passwordless endpoints
+  "/otp/",
+  // OTP endpoints (any plugin)
+  "/login",
+  // Any login endpoint
+  "/register",
+  // Any register endpoint
+  "/forgot-password",
+  // Password reset
+  "/reset-password"
+  // Password reset
+];
+function isAuthEndpoint(path) {
+  return AUTH_PATTERNS.some((pattern) => path.includes(pattern));
 }
-var lastSeen = ({ strapi: strapi2 }) => {
+var lastSeen = ({ strapi: strapi2, sessionService }) => {
   return async (ctx, next) => {
-    const currentToken = ctx.request.headers.authorization?.replace("Bearer ", "");
-    if (!currentToken) {
-      await next();
-      return;
-    }
-    const skipPaths = [
-      "/admin",
-      // Admin panel UI
-      "/content-manager",
-      // Content Manager
-      "/content-type-builder",
-      // Content-Type Builder
-      "/upload",
-      // Media Library
-      "/i18n",
-      // Internationalization
-      "/users-permissions",
-      // Users & Permissions settings
-      "/email",
-      // Email plugin
-      "/_health",
-      // Health check
-      "/favicon.ico",
-      // Static assets
-      "/api/auth/local",
-      // Login endpoint
-      "/api/auth/register",
-      // Registration endpoint
-      "/api/auth/forgot-password",
-      // Password reset
-      "/api/auth/reset-password",
-      // Password reset
-      "/api/auth/logout",
-      // Logout endpoint (handled separately)
-      "/api/auth/refresh",
-      // Refresh token (has own validation in bootstrap.js)
-      "/api/connect",
-      // OAuth providers
-      "/api/magic-link"
-      // Magic link auth (if using magic-link plugin)
-    ];
-    if (skipPaths.some((p) => ctx.path.startsWith(p))) {
-      await next();
-      return;
-    }
-    if (!ctx.path.startsWith("/api/")) {
+    if (isAuthEndpoint(ctx.path)) {
       await next();
       return;
     }
-    let matchingSession = null;
-    try {
-      const currentTokenHash = hashToken$3(currentToken);
-      matchingSession = await strapi2.documents(SESSION_UID$3).findFirst({
-        filters: {
-          tokenHash: currentTokenHash,
-          isActive: true
-        },
-        populate: { user: { fields: ["documentId"] } }
-      });
-      if (matchingSession) {
-        ctx.state.sessionId = matchingSession.documentId;
-        ctx.state.currentSession = matchingSession;
-        if (matchingSession.user?.documentId) {
-          ctx.state.sessionUserId = matchingSession.user.documentId;
+    if (ctx.state.user && ctx.state.user.documentId) {
+      try {
+        const userId = ctx.state.user.documentId;
+        const activeSessions = await strapi2.documents(SESSION_UID$3).findMany({
+          filters: {
+            user: { documentId: userId },
+            isActive: true
+          },
+          limit: 1
+        });
+        if (!activeSessions || activeSessions.length === 0) {
+          strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Request blocked - session terminated or invalid (user: ${userId.substring(0, 8)}...)`);
+          return ctx.unauthorized("All sessions have been terminated. Please login again.");
         }
-      } else {
-        strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Request blocked - session terminated or invalid (token hash: ${currentTokenHash.substring(0, 8)}...)`);
-        return ctx.unauthorized("This session has been terminated. Please login again.");
+      } catch (err) {
+        strapi2.log.debug("[magic-sessionmanager] Error checking active sessions:", err.message);
       }
-    } catch (err) {
-      strapi2.log.debug("[magic-sessionmanager] Error checking session:", err.message);
     }
     await next();
-    if (matchingSession) {
+    if (ctx.state.user && ctx.state.user.documentId) {
       try {
-        const config2 = strapi2.config.get("plugin::magic-sessionmanager") || {};
-        const rateLimit = config2.lastSeenRateLimit || 3e4;
-        const now = Date.now();
-        const lastTouch = lastTouchCache.get(matchingSession.documentId) || 0;
-        if (now - lastTouch > rateLimit) {
-          lastTouchCache.set(matchingSession.documentId, now);
-          cleanupOldCacheEntries();
-          await strapi2.documents(SESSION_UID$3).update({
-            documentId: matchingSession.documentId,
-            data: { lastActive: /* @__PURE__ */ new Date() }
-          });
-          strapi2.log.debug(`[magic-sessionmanager] [TOUCH] Session ${matchingSession.documentId} activity updated`);
-        }
+        const userId = ctx.state.user.documentId;
+        const sessionId = ctx.state.sessionId;
+        await sessionService.touch({
+          userId,
+          sessionId
+        });
       } catch (err) {
         strapi2.log.debug("[magic-sessionmanager] Error updating lastSeen:", err.message);
       }
@@ -2480,7 +2430,7 @@ var session$1 = ({ strapi: strapi2 }) => {
     }
   };
 };
-const version = "4.2.13";
+const version = "4.2.15";
 const require$$2 = {
   version
 };

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "4.2.14",
+  "version": "4.2.16",
   "keywords": [
     "strapi",
     "strapi-plugin",