strapi-plugin-magic-sessionmanager 4.3.3 → 4.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/server/index.js +104 -44
  2. package/dist/server/index.mjs +104 -44
  3. package/package.json +1 -1
package/dist/server/index.js CHANGED
@@ -329,17 +329,37 @@ var lastSeen = ({ strapi: strapi2, sessionService }) => {
329
329
  limit: 1
330
330
  });
331
331
  if (!activeSessions || activeSessions.length === 0) {
332
- const allSessions = await strapi2.documents(SESSION_UID$4).findMany({
333
- filters: { user: { documentId: userDocId2 } },
334
- limit: 1,
335
- fields: ["isActive"]
332
+ const inactiveSessions = await strapi2.documents(SESSION_UID$4).findMany({
333
+ filters: {
334
+ user: { documentId: userDocId2 },
335
+ isActive: false
336
+ },
337
+ limit: 5,
338
+ fields: ["documentId", "terminatedManually", "lastActive"],
339
+ sort: [{ lastActive: "desc" }]
336
340
  });
337
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
338
- if (strictMode && hasInactiveSessions) {
339
- strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Session terminated (user: ${userDocId2.substring(0, 8)}...)`);
340
- return ctx.unauthorized("Session has been terminated. Please login again.");
341
+ if (inactiveSessions && inactiveSessions.length > 0) {
342
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
343
+ if (manuallyTerminated) {
344
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] User ${userDocId2.substring(0, 8)}... was manually logged out`);
345
+ return ctx.unauthorized("Session has been terminated. Please login again.");
346
+ }
347
+ const sessionToReactivate = inactiveSessions[0];
348
+ await strapi2.documents(SESSION_UID$4).update({
349
+ documentId: sessionToReactivate.documentId,
350
+ data: {
351
+ isActive: true,
352
+ lastActive: /* @__PURE__ */ new Date()
353
+ }
354
+ });
355
+ strapi2.log.info(`[magic-sessionmanager] [REACTIVATED] Session reactivated for user ${userDocId2.substring(0, 8)}...`);
356
+ } else {
357
+ if (strictMode) {
358
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] No session exists (user: ${userDocId2.substring(0, 8)}..., strictMode)`);
359
+ return ctx.unauthorized("No valid session. Please login again.");
360
+ }
361
+ strapi2.log.warn(`[magic-sessionmanager] [WARN] No session for user ${userDocId2.substring(0, 8)}... (allowing)`);
341
362
  }
342
- strapi2.log.debug(`[magic-sessionmanager] [WARN] No active session for user ${userDocId2.substring(0, 8)}... (allowing)`);
343
363
  }
344
364
  ctx.state.userDocumentId = userDocId2;
345
365
  }
@@ -810,39 +830,44 @@ async function registerSessionAwareAuthStrategy(strapi2, log) {
810
830
  if (activeSessions && activeSessions.length > 0) {
811
831
  return decoded;
812
832
  }
813
- const allSessions = await strapi2.documents(SESSION_UID$3).findMany({
814
- filters: { user: { documentId: userDocId } },
833
+ const inactiveSessions = await strapi2.documents(SESSION_UID$3).findMany({
834
+ filters: {
835
+ user: { documentId: userDocId },
836
+ isActive: false
837
+ },
815
838
  limit: 5,
816
- fields: ["isActive", "lastActive"]
839
+ fields: ["documentId", "terminatedManually", "lastActive"],
840
+ sort: [{ lastActive: "desc" }]
817
841
  });
818
- const totalSessions = allSessions?.length || 0;
819
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
820
- if (!strictMode) {
821
- if (totalSessions === 0) {
822
- strapi2.log.warn(
823
- `[magic-sessionmanager] [JWT-WARN] No session found for user ${userDocId.substring(0, 8)}... (allowing - session may not have been created)`
824
- );
825
- } else if (hasInactiveSessions) {
826
- strapi2.log.warn(
827
- `[magic-sessionmanager] [JWT-WARN] User ${userDocId.substring(0, 8)}... has ${totalSessions} inactive sessions but no active ones (allowing - strictMode off)`
842
+ if (inactiveSessions && inactiveSessions.length > 0) {
843
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
844
+ if (manuallyTerminated) {
845
+ strapi2.log.info(
846
+ `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was manually logged out`
828
847
  );
848
+ return null;
829
849
  }
830
- return decoded;
831
- }
832
- if (totalSessions === 0) {
833
- strapi2.log.warn(
834
- `[magic-sessionmanager] [JWT-ALLOW] No sessions exist for user ${userDocId.substring(0, 8)}... (allowing - possible race condition)`
850
+ const sessionToReactivate = inactiveSessions[0];
851
+ await strapi2.documents(SESSION_UID$3).update({
852
+ documentId: sessionToReactivate.documentId,
853
+ data: {
854
+ isActive: true,
855
+ lastActive: /* @__PURE__ */ new Date()
856
+ }
857
+ });
858
+ strapi2.log.info(
859
+ `[magic-sessionmanager] [JWT-REACTIVATED] Session reactivated for user ${userDocId.substring(0, 8)}...`
835
860
  );
836
861
  return decoded;
837
862
  }
838
- if (hasInactiveSessions) {
863
+ if (strictMode) {
839
864
  strapi2.log.info(
840
- `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was logged out (${totalSessions} inactive sessions)`
865
+ `[magic-sessionmanager] [JWT-BLOCKED] No sessions exist for user ${userDocId.substring(0, 8)}... (strictMode)`
841
866
  );
842
867
  return null;
843
868
  }
844
869
  strapi2.log.warn(
845
- `[magic-sessionmanager] [JWT-ALLOW] Unexpected session state for user ${userDocId.substring(0, 8)}... (allowing)`
870
+ `[magic-sessionmanager] [JWT-WARN] No session for user ${userDocId.substring(0, 8)}... (allowing)`
846
871
  );
847
872
  return decoded;
848
873
  } catch (err) {
@@ -962,6 +987,11 @@ const attributes = {
962
987
  "default": true,
963
988
  required: true
964
989
  },
990
+ terminatedManually: {
991
+ type: "boolean",
992
+ "default": false,
993
+ required: false
994
+ },
965
995
  geoLocation: {
966
996
  type: "json"
967
997
  },
@@ -2223,10 +2253,11 @@ var session$1 = ({ strapi: strapi2 }) => {
2223
2253
  documentId: sessionId,
2224
2254
  data: {
2225
2255
  isActive: false,
2256
+ terminatedManually: true,
2226
2257
  logoutTime: now
2227
2258
  }
2228
2259
  });
2229
- log.info(`Session ${sessionId} terminated`);
2260
+ log.info(`Session ${sessionId} terminated (manual)`);
2230
2261
  } else if (userId) {
2231
2262
  let userDocumentId = userId;
2232
2263
  if (!isNaN(userId)) {
@@ -2247,11 +2278,12 @@ var session$1 = ({ strapi: strapi2 }) => {
2247
2278
  documentId: session2.documentId,
2248
2279
  data: {
2249
2280
  isActive: false,
2281
+ terminatedManually: true,
2250
2282
  logoutTime: now
2251
2283
  }
2252
2284
  });
2253
2285
  }
2254
- log.info(`All sessions terminated for user ${userDocumentId}`);
2286
+ log.info(`All sessions terminated (manual) for user ${userDocumentId}`);
2255
2287
  }
2256
2288
  } catch (err) {
2257
2289
  log.error("Error terminating session:", err);
@@ -2592,7 +2624,11 @@ var session$1 = ({ strapi: strapi2 }) => {
2592
2624
  if (lastActiveTime < cutoffTime) {
2593
2625
  await strapi2.documents(SESSION_UID$1).update({
2594
2626
  documentId: session2.documentId,
2595
- data: { isActive: false }
2627
+ data: {
2628
+ isActive: false,
2629
+ terminatedManually: false
2630
+ // Timeout, not manual - can be reactivated
2631
+ }
2596
2632
  });
2597
2633
  deactivatedCount++;
2598
2634
  }
@@ -2645,7 +2681,7 @@ var session$1 = ({ strapi: strapi2 }) => {
2645
2681
  }
2646
2682
  };
2647
2683
  };
2648
- const version$1 = "4.3.2";
2684
+ const version$1 = "4.3.4";
2649
2685
  const require$$2 = {
2650
2686
  version: version$1
2651
2687
  };
@@ -38981,20 +39017,44 @@ var sessionRequired$1 = async (policyContext, config2, { strapi: strapi2 }) => {
38981
39017
  if (activeSessions && activeSessions.length > 0) {
38982
39018
  return true;
38983
39019
  }
38984
- const allSessions = await strapi2.documents(SESSION_UID).findMany({
38985
- filters: { user: { documentId: userDocId } },
38986
- limit: 1,
38987
- fields: ["isActive"]
39020
+ const inactiveSessions = await strapi2.documents(SESSION_UID).findMany({
39021
+ filters: {
39022
+ user: { documentId: userDocId },
39023
+ isActive: false
39024
+ },
39025
+ limit: 5,
39026
+ fields: ["documentId", "terminatedManually", "lastActive"],
39027
+ sort: [{ lastActive: "desc" }]
38988
39028
  });
38989
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
38990
- if (strictMode && hasInactiveSessions) {
39029
+ if (inactiveSessions && inactiveSessions.length > 0) {
39030
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
39031
+ if (manuallyTerminated) {
39032
+ strapi2.log.info(
39033
+ `[magic-sessionmanager] [POLICY-BLOCKED] User ${userDocId.substring(0, 8)}... was manually logged out`
39034
+ );
39035
+ throw new errors.UnauthorizedError("Session terminated. Please login again.");
39036
+ }
39037
+ const sessionToReactivate = inactiveSessions[0];
39038
+ await strapi2.documents(SESSION_UID).update({
39039
+ documentId: sessionToReactivate.documentId,
39040
+ data: {
39041
+ isActive: true,
39042
+ lastActive: /* @__PURE__ */ new Date()
39043
+ }
39044
+ });
39045
+ strapi2.log.info(
39046
+ `[magic-sessionmanager] [POLICY-REACTIVATED] Session reactivated for user ${userDocId.substring(0, 8)}...`
39047
+ );
39048
+ return true;
39049
+ }
39050
+ if (strictMode) {
38991
39051
  strapi2.log.info(
38992
- `[magic-sessionmanager] [POLICY-BLOCKED] Session terminated (user: ${userDocId.substring(0, 8)}...)`
39052
+ `[magic-sessionmanager] [POLICY-BLOCKED] No session exists (user: ${userDocId.substring(0, 8)}..., strictMode)`
38993
39053
  );
38994
- throw new errors.UnauthorizedError("Session terminated. Please login again.");
39054
+ throw new errors.UnauthorizedError("No valid session. Please login again.");
38995
39055
  }
38996
- strapi2.log.debug(
38997
- `[magic-sessionmanager] [POLICY-WARN] No active session for user ${userDocId.substring(0, 8)}... (allowing)`
39056
+ strapi2.log.warn(
39057
+ `[magic-sessionmanager] [POLICY-WARN] No session for user ${userDocId.substring(0, 8)}... (allowing)`
38998
39058
  );
38999
39059
  return true;
39000
39060
  } catch (err) {
package/dist/server/index.mjs CHANGED
@@ -316,17 +316,37 @@ var lastSeen = ({ strapi: strapi2, sessionService }) => {
316
316
  limit: 1
317
317
  });
318
318
  if (!activeSessions || activeSessions.length === 0) {
319
- const allSessions = await strapi2.documents(SESSION_UID$4).findMany({
320
- filters: { user: { documentId: userDocId2 } },
321
- limit: 1,
322
- fields: ["isActive"]
319
+ const inactiveSessions = await strapi2.documents(SESSION_UID$4).findMany({
320
+ filters: {
321
+ user: { documentId: userDocId2 },
322
+ isActive: false
323
+ },
324
+ limit: 5,
325
+ fields: ["documentId", "terminatedManually", "lastActive"],
326
+ sort: [{ lastActive: "desc" }]
323
327
  });
324
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
325
- if (strictMode && hasInactiveSessions) {
326
- strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Session terminated (user: ${userDocId2.substring(0, 8)}...)`);
327
- return ctx.unauthorized("Session has been terminated. Please login again.");
328
+ if (inactiveSessions && inactiveSessions.length > 0) {
329
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
330
+ if (manuallyTerminated) {
331
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] User ${userDocId2.substring(0, 8)}... was manually logged out`);
332
+ return ctx.unauthorized("Session has been terminated. Please login again.");
333
+ }
334
+ const sessionToReactivate = inactiveSessions[0];
335
+ await strapi2.documents(SESSION_UID$4).update({
336
+ documentId: sessionToReactivate.documentId,
337
+ data: {
338
+ isActive: true,
339
+ lastActive: /* @__PURE__ */ new Date()
340
+ }
341
+ });
342
+ strapi2.log.info(`[magic-sessionmanager] [REACTIVATED] Session reactivated for user ${userDocId2.substring(0, 8)}...`);
343
+ } else {
344
+ if (strictMode) {
345
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] No session exists (user: ${userDocId2.substring(0, 8)}..., strictMode)`);
346
+ return ctx.unauthorized("No valid session. Please login again.");
347
+ }
348
+ strapi2.log.warn(`[magic-sessionmanager] [WARN] No session for user ${userDocId2.substring(0, 8)}... (allowing)`);
328
349
  }
329
- strapi2.log.debug(`[magic-sessionmanager] [WARN] No active session for user ${userDocId2.substring(0, 8)}... (allowing)`);
330
350
  }
331
351
  ctx.state.userDocumentId = userDocId2;
332
352
  }
@@ -797,39 +817,44 @@ async function registerSessionAwareAuthStrategy(strapi2, log) {
797
817
  if (activeSessions && activeSessions.length > 0) {
798
818
  return decoded;
799
819
  }
800
- const allSessions = await strapi2.documents(SESSION_UID$3).findMany({
801
- filters: { user: { documentId: userDocId } },
820
+ const inactiveSessions = await strapi2.documents(SESSION_UID$3).findMany({
821
+ filters: {
822
+ user: { documentId: userDocId },
823
+ isActive: false
824
+ },
802
825
  limit: 5,
803
- fields: ["isActive", "lastActive"]
826
+ fields: ["documentId", "terminatedManually", "lastActive"],
827
+ sort: [{ lastActive: "desc" }]
804
828
  });
805
- const totalSessions = allSessions?.length || 0;
806
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
807
- if (!strictMode) {
808
- if (totalSessions === 0) {
809
- strapi2.log.warn(
810
- `[magic-sessionmanager] [JWT-WARN] No session found for user ${userDocId.substring(0, 8)}... (allowing - session may not have been created)`
811
- );
812
- } else if (hasInactiveSessions) {
813
- strapi2.log.warn(
814
- `[magic-sessionmanager] [JWT-WARN] User ${userDocId.substring(0, 8)}... has ${totalSessions} inactive sessions but no active ones (allowing - strictMode off)`
829
+ if (inactiveSessions && inactiveSessions.length > 0) {
830
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
831
+ if (manuallyTerminated) {
832
+ strapi2.log.info(
833
+ `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was manually logged out`
815
834
  );
835
+ return null;
816
836
  }
817
- return decoded;
818
- }
819
- if (totalSessions === 0) {
820
- strapi2.log.warn(
821
- `[magic-sessionmanager] [JWT-ALLOW] No sessions exist for user ${userDocId.substring(0, 8)}... (allowing - possible race condition)`
837
+ const sessionToReactivate = inactiveSessions[0];
838
+ await strapi2.documents(SESSION_UID$3).update({
839
+ documentId: sessionToReactivate.documentId,
840
+ data: {
841
+ isActive: true,
842
+ lastActive: /* @__PURE__ */ new Date()
843
+ }
844
+ });
845
+ strapi2.log.info(
846
+ `[magic-sessionmanager] [JWT-REACTIVATED] Session reactivated for user ${userDocId.substring(0, 8)}...`
822
847
  );
823
848
  return decoded;
824
849
  }
825
- if (hasInactiveSessions) {
850
+ if (strictMode) {
826
851
  strapi2.log.info(
827
- `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was logged out (${totalSessions} inactive sessions)`
852
+ `[magic-sessionmanager] [JWT-BLOCKED] No sessions exist for user ${userDocId.substring(0, 8)}... (strictMode)`
828
853
  );
829
854
  return null;
830
855
  }
831
856
  strapi2.log.warn(
832
- `[magic-sessionmanager] [JWT-ALLOW] Unexpected session state for user ${userDocId.substring(0, 8)}... (allowing)`
857
+ `[magic-sessionmanager] [JWT-WARN] No session for user ${userDocId.substring(0, 8)}... (allowing)`
833
858
  );
834
859
  return decoded;
835
860
  } catch (err) {
@@ -949,6 +974,11 @@ const attributes = {
949
974
  "default": true,
950
975
  required: true
951
976
  },
977
+ terminatedManually: {
978
+ type: "boolean",
979
+ "default": false,
980
+ required: false
981
+ },
952
982
  geoLocation: {
953
983
  type: "json"
954
984
  },
@@ -2210,10 +2240,11 @@ var session$1 = ({ strapi: strapi2 }) => {
2210
2240
  documentId: sessionId,
2211
2241
  data: {
2212
2242
  isActive: false,
2243
+ terminatedManually: true,
2213
2244
  logoutTime: now
2214
2245
  }
2215
2246
  });
2216
- log.info(`Session ${sessionId} terminated`);
2247
+ log.info(`Session ${sessionId} terminated (manual)`);
2217
2248
  } else if (userId) {
2218
2249
  let userDocumentId = userId;
2219
2250
  if (!isNaN(userId)) {
@@ -2234,11 +2265,12 @@ var session$1 = ({ strapi: strapi2 }) => {
2234
2265
  documentId: session2.documentId,
2235
2266
  data: {
2236
2267
  isActive: false,
2268
+ terminatedManually: true,
2237
2269
  logoutTime: now
2238
2270
  }
2239
2271
  });
2240
2272
  }
2241
- log.info(`All sessions terminated for user ${userDocumentId}`);
2273
+ log.info(`All sessions terminated (manual) for user ${userDocumentId}`);
2242
2274
  }
2243
2275
  } catch (err) {
2244
2276
  log.error("Error terminating session:", err);
@@ -2579,7 +2611,11 @@ var session$1 = ({ strapi: strapi2 }) => {
2579
2611
  if (lastActiveTime < cutoffTime) {
2580
2612
  await strapi2.documents(SESSION_UID$1).update({
2581
2613
  documentId: session2.documentId,
2582
- data: { isActive: false }
2614
+ data: {
2615
+ isActive: false,
2616
+ terminatedManually: false
2617
+ // Timeout, not manual - can be reactivated
2618
+ }
2583
2619
  });
2584
2620
  deactivatedCount++;
2585
2621
  }
@@ -2632,7 +2668,7 @@ var session$1 = ({ strapi: strapi2 }) => {
2632
2668
  }
2633
2669
  };
2634
2670
  };
2635
- const version$1 = "4.3.2";
2671
+ const version$1 = "4.3.4";
2636
2672
  const require$$2 = {
2637
2673
  version: version$1
2638
2674
  };
@@ -38968,20 +39004,44 @@ var sessionRequired$1 = async (policyContext, config2, { strapi: strapi2 }) => {
38968
39004
  if (activeSessions && activeSessions.length > 0) {
38969
39005
  return true;
38970
39006
  }
38971
- const allSessions = await strapi2.documents(SESSION_UID).findMany({
38972
- filters: { user: { documentId: userDocId } },
38973
- limit: 1,
38974
- fields: ["isActive"]
39007
+ const inactiveSessions = await strapi2.documents(SESSION_UID).findMany({
39008
+ filters: {
39009
+ user: { documentId: userDocId },
39010
+ isActive: false
39011
+ },
39012
+ limit: 5,
39013
+ fields: ["documentId", "terminatedManually", "lastActive"],
39014
+ sort: [{ lastActive: "desc" }]
38975
39015
  });
38976
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
38977
- if (strictMode && hasInactiveSessions) {
39016
+ if (inactiveSessions && inactiveSessions.length > 0) {
39017
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
39018
+ if (manuallyTerminated) {
39019
+ strapi2.log.info(
39020
+ `[magic-sessionmanager] [POLICY-BLOCKED] User ${userDocId.substring(0, 8)}... was manually logged out`
39021
+ );
39022
+ throw new errors.UnauthorizedError("Session terminated. Please login again.");
39023
+ }
39024
+ const sessionToReactivate = inactiveSessions[0];
39025
+ await strapi2.documents(SESSION_UID).update({
39026
+ documentId: sessionToReactivate.documentId,
39027
+ data: {
39028
+ isActive: true,
39029
+ lastActive: /* @__PURE__ */ new Date()
39030
+ }
39031
+ });
39032
+ strapi2.log.info(
39033
+ `[magic-sessionmanager] [POLICY-REACTIVATED] Session reactivated for user ${userDocId.substring(0, 8)}...`
39034
+ );
39035
+ return true;
39036
+ }
39037
+ if (strictMode) {
38978
39038
  strapi2.log.info(
38979
- `[magic-sessionmanager] [POLICY-BLOCKED] Session terminated (user: ${userDocId.substring(0, 8)}...)`
39039
+ `[magic-sessionmanager] [POLICY-BLOCKED] No session exists (user: ${userDocId.substring(0, 8)}..., strictMode)`
38980
39040
  );
38981
- throw new errors.UnauthorizedError("Session terminated. Please login again.");
39041
+ throw new errors.UnauthorizedError("No valid session. Please login again.");
38982
39042
  }
38983
- strapi2.log.debug(
38984
- `[magic-sessionmanager] [POLICY-WARN] No active session for user ${userDocId.substring(0, 8)}... (allowing)`
39043
+ strapi2.log.warn(
39044
+ `[magic-sessionmanager] [POLICY-WARN] No session for user ${userDocId.substring(0, 8)}... (allowing)`
38985
39045
  );
38986
39046
  return true;
38987
39047
  } catch (err) {
package/package.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "4.3.3",
2
+ "version": "4.4.0",
3
3
  "keywords": [
4
4
  "strapi",
5
5
  "strapi-plugin",