strapi-plugin-magic-sessionmanager 4.3.4 → 4.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/server/index.js +98 -42
  2. package/dist/server/index.mjs +98 -42
  3. package/package.json +1 -1
package/dist/server/index.js CHANGED
@@ -329,21 +329,37 @@ var lastSeen = ({ strapi: strapi2, sessionService }) => {
329
329
  limit: 1
330
330
  });
331
331
  if (!activeSessions || activeSessions.length === 0) {
332
- const allSessions = await strapi2.documents(SESSION_UID$4).findMany({
333
- filters: { user: { documentId: userDocId2 } },
334
- limit: 1,
335
- fields: ["isActive"]
332
+ const inactiveSessions = await strapi2.documents(SESSION_UID$4).findMany({
333
+ filters: {
334
+ user: { documentId: userDocId2 },
335
+ isActive: false
336
+ },
337
+ limit: 5,
338
+ fields: ["documentId", "terminatedManually", "lastActive"],
339
+ sort: [{ lastActive: "desc" }]
336
340
  });
337
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
338
- if (hasInactiveSessions) {
339
- strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Session terminated (user: ${userDocId2.substring(0, 8)}...)`);
340
- return ctx.unauthorized("Session has been terminated. Please login again.");
341
- }
342
- if (strictMode) {
343
- strapi2.log.info(`[magic-sessionmanager] [BLOCKED] No session exists (user: ${userDocId2.substring(0, 8)}..., strictMode)`);
344
- return ctx.unauthorized("No valid session. Please login again.");
341
+ if (inactiveSessions && inactiveSessions.length > 0) {
342
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
343
+ if (manuallyTerminated) {
344
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] User ${userDocId2.substring(0, 8)}... was manually logged out`);
345
+ return ctx.unauthorized("Session has been terminated. Please login again.");
346
+ }
347
+ const sessionToReactivate = inactiveSessions[0];
348
+ await strapi2.documents(SESSION_UID$4).update({
349
+ documentId: sessionToReactivate.documentId,
350
+ data: {
351
+ isActive: true,
352
+ lastActive: /* @__PURE__ */ new Date()
353
+ }
354
+ });
355
+ strapi2.log.info(`[magic-sessionmanager] [REACTIVATED] Session reactivated for user ${userDocId2.substring(0, 8)}...`);
356
+ } else {
357
+ if (strictMode) {
358
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] No session exists (user: ${userDocId2.substring(0, 8)}..., strictMode)`);
359
+ return ctx.unauthorized("No valid session. Please login again.");
360
+ }
361
+ strapi2.log.warn(`[magic-sessionmanager] [WARN] No session for user ${userDocId2.substring(0, 8)}... (allowing)`);
345
362
  }
346
- strapi2.log.warn(`[magic-sessionmanager] [WARN] No session for user ${userDocId2.substring(0, 8)}... (allowing)`);
347
363
  }
348
364
  ctx.state.userDocumentId = userDocId2;
349
365
  }
@@ -814,33 +830,44 @@ async function registerSessionAwareAuthStrategy(strapi2, log) {
814
830
  if (activeSessions && activeSessions.length > 0) {
815
831
  return decoded;
816
832
  }
817
- const allSessions = await strapi2.documents(SESSION_UID$3).findMany({
818
- filters: { user: { documentId: userDocId } },
833
+ const inactiveSessions = await strapi2.documents(SESSION_UID$3).findMany({
834
+ filters: {
835
+ user: { documentId: userDocId },
836
+ isActive: false
837
+ },
819
838
  limit: 5,
820
- fields: ["isActive", "lastActive"]
839
+ fields: ["documentId", "terminatedManually", "lastActive"],
840
+ sort: [{ lastActive: "desc" }]
821
841
  });
822
- const totalSessions = allSessions?.length || 0;
823
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
824
- if (hasInactiveSessions) {
825
- strapi2.log.info(
826
- `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was logged out (${totalSessions} inactive sessions)`
827
- );
828
- return null;
829
- }
830
- if (totalSessions === 0) {
831
- if (strictMode) {
842
+ if (inactiveSessions && inactiveSessions.length > 0) {
843
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
844
+ if (manuallyTerminated) {
832
845
  strapi2.log.info(
833
- `[magic-sessionmanager] [JWT-BLOCKED] No sessions exist for user ${userDocId.substring(0, 8)}... (strictMode enabled)`
846
+ `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was manually logged out`
834
847
  );
835
848
  return null;
836
849
  }
837
- strapi2.log.warn(
838
- `[magic-sessionmanager] [JWT-WARN] No session found for user ${userDocId.substring(0, 8)}... (allowing - session may not have been created)`
850
+ const sessionToReactivate = inactiveSessions[0];
851
+ await strapi2.documents(SESSION_UID$3).update({
852
+ documentId: sessionToReactivate.documentId,
853
+ data: {
854
+ isActive: true,
855
+ lastActive: /* @__PURE__ */ new Date()
856
+ }
857
+ });
858
+ strapi2.log.info(
859
+ `[magic-sessionmanager] [JWT-REACTIVATED] Session reactivated for user ${userDocId.substring(0, 8)}...`
839
860
  );
840
861
  return decoded;
841
862
  }
863
+ if (strictMode) {
864
+ strapi2.log.info(
865
+ `[magic-sessionmanager] [JWT-BLOCKED] No sessions exist for user ${userDocId.substring(0, 8)}... (strictMode)`
866
+ );
867
+ return null;
868
+ }
842
869
  strapi2.log.warn(
843
- `[magic-sessionmanager] [JWT-ALLOW] Unexpected session state for user ${userDocId.substring(0, 8)}... (allowing)`
870
+ `[magic-sessionmanager] [JWT-WARN] No session for user ${userDocId.substring(0, 8)}... (allowing)`
844
871
  );
845
872
  return decoded;
846
873
  } catch (err) {
@@ -960,6 +987,11 @@ const attributes = {
960
987
  "default": true,
961
988
  required: true
962
989
  },
990
+ terminatedManually: {
991
+ type: "boolean",
992
+ "default": false,
993
+ required: false
994
+ },
963
995
  geoLocation: {
964
996
  type: "json"
965
997
  },
@@ -2221,10 +2253,11 @@ var session$1 = ({ strapi: strapi2 }) => {
2221
2253
  documentId: sessionId,
2222
2254
  data: {
2223
2255
  isActive: false,
2256
+ terminatedManually: true,
2224
2257
  logoutTime: now
2225
2258
  }
2226
2259
  });
2227
- log.info(`Session ${sessionId} terminated`);
2260
+ log.info(`Session ${sessionId} terminated (manual)`);
2228
2261
  } else if (userId) {
2229
2262
  let userDocumentId = userId;
2230
2263
  if (!isNaN(userId)) {
@@ -2245,11 +2278,12 @@ var session$1 = ({ strapi: strapi2 }) => {
2245
2278
  documentId: session2.documentId,
2246
2279
  data: {
2247
2280
  isActive: false,
2281
+ terminatedManually: true,
2248
2282
  logoutTime: now
2249
2283
  }
2250
2284
  });
2251
2285
  }
2252
- log.info(`All sessions terminated for user ${userDocumentId}`);
2286
+ log.info(`All sessions terminated (manual) for user ${userDocumentId}`);
2253
2287
  }
2254
2288
  } catch (err) {
2255
2289
  log.error("Error terminating session:", err);
@@ -2590,7 +2624,11 @@ var session$1 = ({ strapi: strapi2 }) => {
2590
2624
  if (lastActiveTime < cutoffTime) {
2591
2625
  await strapi2.documents(SESSION_UID$1).update({
2592
2626
  documentId: session2.documentId,
2593
- data: { isActive: false }
2627
+ data: {
2628
+ isActive: false,
2629
+ terminatedManually: false
2630
+ // Timeout, not manual - can be reactivated
2631
+ }
2594
2632
  });
2595
2633
  deactivatedCount++;
2596
2634
  }
@@ -2643,7 +2681,7 @@ var session$1 = ({ strapi: strapi2 }) => {
2643
2681
  }
2644
2682
  };
2645
2683
  };
2646
- const version$1 = "4.3.3";
2684
+ const version$1 = "4.3.4";
2647
2685
  const require$$2 = {
2648
2686
  version: version$1
2649
2687
  };
@@ -38979,17 +39017,35 @@ var sessionRequired$1 = async (policyContext, config2, { strapi: strapi2 }) => {
38979
39017
  if (activeSessions && activeSessions.length > 0) {
38980
39018
  return true;
38981
39019
  }
38982
- const allSessions = await strapi2.documents(SESSION_UID).findMany({
38983
- filters: { user: { documentId: userDocId } },
38984
- limit: 1,
38985
- fields: ["isActive"]
39020
+ const inactiveSessions = await strapi2.documents(SESSION_UID).findMany({
39021
+ filters: {
39022
+ user: { documentId: userDocId },
39023
+ isActive: false
39024
+ },
39025
+ limit: 5,
39026
+ fields: ["documentId", "terminatedManually", "lastActive"],
39027
+ sort: [{ lastActive: "desc" }]
38986
39028
  });
38987
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
38988
- if (hasInactiveSessions) {
39029
+ if (inactiveSessions && inactiveSessions.length > 0) {
39030
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
39031
+ if (manuallyTerminated) {
39032
+ strapi2.log.info(
39033
+ `[magic-sessionmanager] [POLICY-BLOCKED] User ${userDocId.substring(0, 8)}... was manually logged out`
39034
+ );
39035
+ throw new errors.UnauthorizedError("Session terminated. Please login again.");
39036
+ }
39037
+ const sessionToReactivate = inactiveSessions[0];
39038
+ await strapi2.documents(SESSION_UID).update({
39039
+ documentId: sessionToReactivate.documentId,
39040
+ data: {
39041
+ isActive: true,
39042
+ lastActive: /* @__PURE__ */ new Date()
39043
+ }
39044
+ });
38989
39045
  strapi2.log.info(
38990
- `[magic-sessionmanager] [POLICY-BLOCKED] Session terminated (user: ${userDocId.substring(0, 8)}...)`
39046
+ `[magic-sessionmanager] [POLICY-REACTIVATED] Session reactivated for user ${userDocId.substring(0, 8)}...`
38991
39047
  );
38992
- throw new errors.UnauthorizedError("Session terminated. Please login again.");
39048
+ return true;
38993
39049
  }
38994
39050
  if (strictMode) {
38995
39051
  strapi2.log.info(
package/dist/server/index.mjs CHANGED
@@ -316,21 +316,37 @@ var lastSeen = ({ strapi: strapi2, sessionService }) => {
316
316
  limit: 1
317
317
  });
318
318
  if (!activeSessions || activeSessions.length === 0) {
319
- const allSessions = await strapi2.documents(SESSION_UID$4).findMany({
320
- filters: { user: { documentId: userDocId2 } },
321
- limit: 1,
322
- fields: ["isActive"]
319
+ const inactiveSessions = await strapi2.documents(SESSION_UID$4).findMany({
320
+ filters: {
321
+ user: { documentId: userDocId2 },
322
+ isActive: false
323
+ },
324
+ limit: 5,
325
+ fields: ["documentId", "terminatedManually", "lastActive"],
326
+ sort: [{ lastActive: "desc" }]
323
327
  });
324
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
325
- if (hasInactiveSessions) {
326
- strapi2.log.info(`[magic-sessionmanager] [BLOCKED] Session terminated (user: ${userDocId2.substring(0, 8)}...)`);
327
- return ctx.unauthorized("Session has been terminated. Please login again.");
328
- }
329
- if (strictMode) {
330
- strapi2.log.info(`[magic-sessionmanager] [BLOCKED] No session exists (user: ${userDocId2.substring(0, 8)}..., strictMode)`);
331
- return ctx.unauthorized("No valid session. Please login again.");
328
+ if (inactiveSessions && inactiveSessions.length > 0) {
329
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
330
+ if (manuallyTerminated) {
331
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] User ${userDocId2.substring(0, 8)}... was manually logged out`);
332
+ return ctx.unauthorized("Session has been terminated. Please login again.");
333
+ }
334
+ const sessionToReactivate = inactiveSessions[0];
335
+ await strapi2.documents(SESSION_UID$4).update({
336
+ documentId: sessionToReactivate.documentId,
337
+ data: {
338
+ isActive: true,
339
+ lastActive: /* @__PURE__ */ new Date()
340
+ }
341
+ });
342
+ strapi2.log.info(`[magic-sessionmanager] [REACTIVATED] Session reactivated for user ${userDocId2.substring(0, 8)}...`);
343
+ } else {
344
+ if (strictMode) {
345
+ strapi2.log.info(`[magic-sessionmanager] [BLOCKED] No session exists (user: ${userDocId2.substring(0, 8)}..., strictMode)`);
346
+ return ctx.unauthorized("No valid session. Please login again.");
347
+ }
348
+ strapi2.log.warn(`[magic-sessionmanager] [WARN] No session for user ${userDocId2.substring(0, 8)}... (allowing)`);
332
349
  }
333
- strapi2.log.warn(`[magic-sessionmanager] [WARN] No session for user ${userDocId2.substring(0, 8)}... (allowing)`);
334
350
  }
335
351
  ctx.state.userDocumentId = userDocId2;
336
352
  }
@@ -801,33 +817,44 @@ async function registerSessionAwareAuthStrategy(strapi2, log) {
801
817
  if (activeSessions && activeSessions.length > 0) {
802
818
  return decoded;
803
819
  }
804
- const allSessions = await strapi2.documents(SESSION_UID$3).findMany({
805
- filters: { user: { documentId: userDocId } },
820
+ const inactiveSessions = await strapi2.documents(SESSION_UID$3).findMany({
821
+ filters: {
822
+ user: { documentId: userDocId },
823
+ isActive: false
824
+ },
806
825
  limit: 5,
807
- fields: ["isActive", "lastActive"]
826
+ fields: ["documentId", "terminatedManually", "lastActive"],
827
+ sort: [{ lastActive: "desc" }]
808
828
  });
809
- const totalSessions = allSessions?.length || 0;
810
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
811
- if (hasInactiveSessions) {
812
- strapi2.log.info(
813
- `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was logged out (${totalSessions} inactive sessions)`
814
- );
815
- return null;
816
- }
817
- if (totalSessions === 0) {
818
- if (strictMode) {
829
+ if (inactiveSessions && inactiveSessions.length > 0) {
830
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
831
+ if (manuallyTerminated) {
819
832
  strapi2.log.info(
820
- `[magic-sessionmanager] [JWT-BLOCKED] No sessions exist for user ${userDocId.substring(0, 8)}... (strictMode enabled)`
833
+ `[magic-sessionmanager] [JWT-BLOCKED] User ${userDocId.substring(0, 8)}... was manually logged out`
821
834
  );
822
835
  return null;
823
836
  }
824
- strapi2.log.warn(
825
- `[magic-sessionmanager] [JWT-WARN] No session found for user ${userDocId.substring(0, 8)}... (allowing - session may not have been created)`
837
+ const sessionToReactivate = inactiveSessions[0];
838
+ await strapi2.documents(SESSION_UID$3).update({
839
+ documentId: sessionToReactivate.documentId,
840
+ data: {
841
+ isActive: true,
842
+ lastActive: /* @__PURE__ */ new Date()
843
+ }
844
+ });
845
+ strapi2.log.info(
846
+ `[magic-sessionmanager] [JWT-REACTIVATED] Session reactivated for user ${userDocId.substring(0, 8)}...`
826
847
  );
827
848
  return decoded;
828
849
  }
850
+ if (strictMode) {
851
+ strapi2.log.info(
852
+ `[magic-sessionmanager] [JWT-BLOCKED] No sessions exist for user ${userDocId.substring(0, 8)}... (strictMode)`
853
+ );
854
+ return null;
855
+ }
829
856
  strapi2.log.warn(
830
- `[magic-sessionmanager] [JWT-ALLOW] Unexpected session state for user ${userDocId.substring(0, 8)}... (allowing)`
857
+ `[magic-sessionmanager] [JWT-WARN] No session for user ${userDocId.substring(0, 8)}... (allowing)`
831
858
  );
832
859
  return decoded;
833
860
  } catch (err) {
@@ -947,6 +974,11 @@ const attributes = {
947
974
  "default": true,
948
975
  required: true
949
976
  },
977
+ terminatedManually: {
978
+ type: "boolean",
979
+ "default": false,
980
+ required: false
981
+ },
950
982
  geoLocation: {
951
983
  type: "json"
952
984
  },
@@ -2208,10 +2240,11 @@ var session$1 = ({ strapi: strapi2 }) => {
2208
2240
  documentId: sessionId,
2209
2241
  data: {
2210
2242
  isActive: false,
2243
+ terminatedManually: true,
2211
2244
  logoutTime: now
2212
2245
  }
2213
2246
  });
2214
- log.info(`Session ${sessionId} terminated`);
2247
+ log.info(`Session ${sessionId} terminated (manual)`);
2215
2248
  } else if (userId) {
2216
2249
  let userDocumentId = userId;
2217
2250
  if (!isNaN(userId)) {
@@ -2232,11 +2265,12 @@ var session$1 = ({ strapi: strapi2 }) => {
2232
2265
  documentId: session2.documentId,
2233
2266
  data: {
2234
2267
  isActive: false,
2268
+ terminatedManually: true,
2235
2269
  logoutTime: now
2236
2270
  }
2237
2271
  });
2238
2272
  }
2239
- log.info(`All sessions terminated for user ${userDocumentId}`);
2273
+ log.info(`All sessions terminated (manual) for user ${userDocumentId}`);
2240
2274
  }
2241
2275
  } catch (err) {
2242
2276
  log.error("Error terminating session:", err);
@@ -2577,7 +2611,11 @@ var session$1 = ({ strapi: strapi2 }) => {
2577
2611
  if (lastActiveTime < cutoffTime) {
2578
2612
  await strapi2.documents(SESSION_UID$1).update({
2579
2613
  documentId: session2.documentId,
2580
- data: { isActive: false }
2614
+ data: {
2615
+ isActive: false,
2616
+ terminatedManually: false
2617
+ // Timeout, not manual - can be reactivated
2618
+ }
2581
2619
  });
2582
2620
  deactivatedCount++;
2583
2621
  }
@@ -2630,7 +2668,7 @@ var session$1 = ({ strapi: strapi2 }) => {
2630
2668
  }
2631
2669
  };
2632
2670
  };
2633
- const version$1 = "4.3.3";
2671
+ const version$1 = "4.3.4";
2634
2672
  const require$$2 = {
2635
2673
  version: version$1
2636
2674
  };
@@ -38966,17 +39004,35 @@ var sessionRequired$1 = async (policyContext, config2, { strapi: strapi2 }) => {
38966
39004
  if (activeSessions && activeSessions.length > 0) {
38967
39005
  return true;
38968
39006
  }
38969
- const allSessions = await strapi2.documents(SESSION_UID).findMany({
38970
- filters: { user: { documentId: userDocId } },
38971
- limit: 1,
38972
- fields: ["isActive"]
39007
+ const inactiveSessions = await strapi2.documents(SESSION_UID).findMany({
39008
+ filters: {
39009
+ user: { documentId: userDocId },
39010
+ isActive: false
39011
+ },
39012
+ limit: 5,
39013
+ fields: ["documentId", "terminatedManually", "lastActive"],
39014
+ sort: [{ lastActive: "desc" }]
38973
39015
  });
38974
- const hasInactiveSessions = allSessions?.some((s3) => s3.isActive === false);
38975
- if (hasInactiveSessions) {
39016
+ if (inactiveSessions && inactiveSessions.length > 0) {
39017
+ const manuallyTerminated = inactiveSessions.find((s3) => s3.terminatedManually === true);
39018
+ if (manuallyTerminated) {
39019
+ strapi2.log.info(
39020
+ `[magic-sessionmanager] [POLICY-BLOCKED] User ${userDocId.substring(0, 8)}... was manually logged out`
39021
+ );
39022
+ throw new errors.UnauthorizedError("Session terminated. Please login again.");
39023
+ }
39024
+ const sessionToReactivate = inactiveSessions[0];
39025
+ await strapi2.documents(SESSION_UID).update({
39026
+ documentId: sessionToReactivate.documentId,
39027
+ data: {
39028
+ isActive: true,
39029
+ lastActive: /* @__PURE__ */ new Date()
39030
+ }
39031
+ });
38976
39032
  strapi2.log.info(
38977
- `[magic-sessionmanager] [POLICY-BLOCKED] Session terminated (user: ${userDocId.substring(0, 8)}...)`
39033
+ `[magic-sessionmanager] [POLICY-REACTIVATED] Session reactivated for user ${userDocId.substring(0, 8)}...`
38978
39034
  );
38979
- throw new errors.UnauthorizedError("Session terminated. Please login again.");
39035
+ return true;
38980
39036
  }
38981
39037
  if (strictMode) {
38982
39038
  strapi2.log.info(
package/package.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "4.3.4",
2
+ "version": "4.4.0",
3
3
  "keywords": [
4
4
  "strapi",
5
5
  "strapi-plugin",