strapi-plugin-magic-sessionmanager 4.3.3 → 4.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/server/index.js +28 -24
  2. package/dist/server/index.mjs +28 -24
  3. package/package.json +1 -1
package/dist/server/index.js CHANGED
@@ -335,11 +335,15 @@ var lastSeen = ({ strapi: strapi2, sessionService }) => {
335
335
  fields: ["isActive"]
336
336
  });
337
337
  const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
338
- if (strictMode && hasInactiveSessions) {
338
+ if (hasInactiveSessions) {
339
339
  strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Session terminated (user: ${userDocId2.substring(0, 8)}...)`);
340
340
  return ctx.unauthorized("Session has been terminated. Please login again.");
341
341
  }
342
- strapi2.log.debug(`[magic-sessionmanager] [WARN] No active session for user ${userDocId2.substring(0, 8)}... (allowing)`);
342
+ if (strictMode) {
343
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] No session exists (user: ${userDocId2.substring(0, 8)}..., strictMode)`);
344
+ return ctx.unauthorized("No valid session. Please login again.");
345
+ }
346
+ strapi2.log.warn(`[magic-sessionmanager] [WARN] No session for user ${userDocId2.substring(0, 8)}... (allowing)`);
343
347
  }
344
348
  ctx.state.userDocumentId = userDocId2;
345
349
  }
@@ -817,30 +821,24 @@ async function registerSessionAwareAuthStrategy(strapi2, log) {
817
821
  });
818
822
  const totalSessions = allSessions?.length || 0;
819
823
  const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
820
- if (!strictMode) {
821
- if (totalSessions === 0) {
822
- strapi2.log.warn(
823
- `[magic-sessionmanager] [JWT-WARN] No session found for user ${userDocId.substring(0, 8)}... (allowing - session may not have been created)`
824
- );
825
- } else if (hasInactiveSessions) {
826
- strapi2.log.warn(
827
- `[magic-sessionmanager] [JWT-WARN] User ${userDocId.substring(0, 8)}... has ${totalSessions} inactive sessions but no active ones (allowing - strictMode off)`
828
- );
829
- }
830
- return decoded;
831
- }
832
- if (totalSessions === 0) {
833
- strapi2.log.warn(
834
- `[magic-sessionmanager] [JWT-ALLOW] No sessions exist for user ${userDocId.substring(0, 8)}... (allowing - possible race condition)`
835
- );
836
- return decoded;
837
- }
838
824
  if (hasInactiveSessions) {
839
825
  strapi2.log.info(
840
826
  `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was logged out (${totalSessions} inactive sessions)`
841
827
  );
842
828
  return null;
843
829
  }
830
+ if (totalSessions === 0) {
831
+ if (strictMode) {
832
+ strapi2.log.info(
833
+ `[magic-sessionmanager] [JWT-BLOCKED] No sessions exist for user ${userDocId.substring(0, 8)}... (strictMode enabled)`
834
+ );
835
+ return null;
836
+ }
837
+ strapi2.log.warn(
838
+ `[magic-sessionmanager] [JWT-WARN] No session found for user ${userDocId.substring(0, 8)}... (allowing - session may not have been created)`
839
+ );
840
+ return decoded;
841
+ }
844
842
  strapi2.log.warn(
845
843
  `[magic-sessionmanager] [JWT-ALLOW] Unexpected session state for user ${userDocId.substring(0, 8)}... (allowing)`
846
844
  );
@@ -2645,7 +2643,7 @@ var session$1 = ({ strapi: strapi2 }) => {
2645
2643
  }
2646
2644
  };
2647
2645
  };
2648
- const version$1 = "4.3.2";
2646
+ const version$1 = "4.3.3";
2649
2647
  const require$$2 = {
2650
2648
  version: version$1
2651
2649
  };
@@ -38987,14 +38985,20 @@ var sessionRequired$1 = async (policyContext, config2, { strapi: strapi2 }) => {
38987
38985
  fields: ["isActive"]
38988
38986
  });
38989
38987
  const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
38990
- if (strictMode && hasInactiveSessions) {
38988
+ if (hasInactiveSessions) {
38991
38989
  strapi2.log.info(
38992
38990
  `[magic-sessionmanager] [POLICY-BLOCKED] Session terminated (user: ${userDocId.substring(0, 8)}...)`
38993
38991
  );
38994
38992
  throw new errors.UnauthorizedError("Session terminated. Please login again.");
38995
38993
  }
38996
- strapi2.log.debug(
38997
- `[magic-sessionmanager] [POLICY-WARN] No active session for user ${userDocId.substring(0, 8)}... (allowing)`
38994
+ if (strictMode) {
38995
+ strapi2.log.info(
38996
+ `[magic-sessionmanager] [POLICY-BLOCKED] No session exists (user: ${userDocId.substring(0, 8)}..., strictMode)`
38997
+ );
38998
+ throw new errors.UnauthorizedError("No valid session. Please login again.");
38999
+ }
39000
+ strapi2.log.warn(
39001
+ `[magic-sessionmanager] [POLICY-WARN] No session for user ${userDocId.substring(0, 8)}... (allowing)`
38998
39002
  );
38999
39003
  return true;
39000
39004
  } catch (err) {
package/dist/server/index.mjs CHANGED
@@ -322,11 +322,15 @@ var lastSeen = ({ strapi: strapi2, sessionService }) => {
322
322
  fields: ["isActive"]
323
323
  });
324
324
  const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
325
- if (strictMode && hasInactiveSessions) {
325
+ if (hasInactiveSessions) {
326
326
  strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Session terminated (user: ${userDocId2.substring(0, 8)}...)`);
327
327
  return ctx.unauthorized("Session has been terminated. Please login again.");
328
328
  }
329
- strapi2.log.debug(`[magic-sessionmanager] [WARN] No active session for user ${userDocId2.substring(0, 8)}... (allowing)`);
329
+ if (strictMode) {
330
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] No session exists (user: ${userDocId2.substring(0, 8)}..., strictMode)`);
331
+ return ctx.unauthorized("No valid session. Please login again.");
332
+ }
333
+ strapi2.log.warn(`[magic-sessionmanager] [WARN] No session for user ${userDocId2.substring(0, 8)}... (allowing)`);
330
334
  }
331
335
  ctx.state.userDocumentId = userDocId2;
332
336
  }
@@ -804,30 +808,24 @@ async function registerSessionAwareAuthStrategy(strapi2, log) {
804
808
  });
805
809
  const totalSessions = allSessions?.length || 0;
806
810
  const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
807
- if (!strictMode) {
808
- if (totalSessions === 0) {
809
- strapi2.log.warn(
810
- `[magic-sessionmanager] [JWT-WARN] No session found for user ${userDocId.substring(0, 8)}... (allowing - session may not have been created)`
811
- );
812
- } else if (hasInactiveSessions) {
813
- strapi2.log.warn(
814
- `[magic-sessionmanager] [JWT-WARN] User ${userDocId.substring(0, 8)}... has ${totalSessions} inactive sessions but no active ones (allowing - strictMode off)`
815
- );
816
- }
817
- return decoded;
818
- }
819
- if (totalSessions === 0) {
820
- strapi2.log.warn(
821
- `[magic-sessionmanager] [JWT-ALLOW] No sessions exist for user ${userDocId.substring(0, 8)}... (allowing - possible race condition)`
822
- );
823
- return decoded;
824
- }
825
811
  if (hasInactiveSessions) {
826
812
  strapi2.log.info(
827
813
  `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was logged out (${totalSessions} inactive sessions)`
828
814
  );
829
815
  return null;
830
816
  }
817
+ if (totalSessions === 0) {
818
+ if (strictMode) {
819
+ strapi2.log.info(
820
+ `[magic-sessionmanager] [JWT-BLOCKED] No sessions exist for user ${userDocId.substring(0, 8)}... (strictMode enabled)`
821
+ );
822
+ return null;
823
+ }
824
+ strapi2.log.warn(
825
+ `[magic-sessionmanager] [JWT-WARN] No session found for user ${userDocId.substring(0, 8)}... (allowing - session may not have been created)`
826
+ );
827
+ return decoded;
828
+ }
831
829
  strapi2.log.warn(
832
830
  `[magic-sessionmanager] [JWT-ALLOW] Unexpected session state for user ${userDocId.substring(0, 8)}... (allowing)`
833
831
  );
@@ -2632,7 +2630,7 @@ var session$1 = ({ strapi: strapi2 }) => {
2632
2630
  }
2633
2631
  };
2634
2632
  };
2635
- const version$1 = "4.3.2";
2633
+ const version$1 = "4.3.3";
2636
2634
  const require$$2 = {
2637
2635
  version: version$1
2638
2636
  };
@@ -38974,14 +38972,20 @@ var sessionRequired$1 = async (policyContext, config2, { strapi: strapi2 }) => {
38974
38972
  fields: ["isActive"]
38975
38973
  });
38976
38974
  const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
38977
- if (strictMode && hasInactiveSessions) {
38975
+ if (hasInactiveSessions) {
38978
38976
  strapi2.log.info(
38979
38977
  `[magic-sessionmanager] [POLICY-BLOCKED] Session terminated (user: ${userDocId.substring(0, 8)}...)`
38980
38978
  );
38981
38979
  throw new errors.UnauthorizedError("Session terminated. Please login again.");
38982
38980
  }
38983
- strapi2.log.debug(
38984
- `[magic-sessionmanager] [POLICY-WARN] No active session for user ${userDocId.substring(0, 8)}... (allowing)`
38981
+ if (strictMode) {
38982
+ strapi2.log.info(
38983
+ `[magic-sessionmanager] [POLICY-BLOCKED] No session exists (user: ${userDocId.substring(0, 8)}..., strictMode)`
38984
+ );
38985
+ throw new errors.UnauthorizedError("No valid session. Please login again.");
38986
+ }
38987
+ strapi2.log.warn(
38988
+ `[magic-sessionmanager] [POLICY-WARN] No session for user ${userDocId.substring(0, 8)}... (allowing)`
38985
38989
  );
38986
38990
  return true;
38987
38991
  } catch (err) {
package/package.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "4.3.3",
2
+ "version": "4.3.4",
3
3
  "keywords": [
4
4
  "strapi",
5
5
  "strapi-plugin",