Enhance session management: restrict session access for blocked users and reduce token expiration to one day
This commit is contained in:
parent
b2a118e907
commit
aaea1eb6bb
2 changed files with 4 additions and 4 deletions
|
|
@ -62,7 +62,7 @@ export const authRouter = createTRPCRouter({
|
|||
}),
|
||||
|
||||
getSession: publicProcedure.query(async ({ ctx }) => {
|
||||
if (!ctx.session) return null;
|
||||
if (!ctx.session || ctx.session.isBlocked) return null;
|
||||
return ctx.session;
|
||||
}),
|
||||
addUserAdmin: adminProcedure
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ const accessTokenCookieOptions: OptionsType = {
|
|||
|
||||
const refreshTokenCookieOptions: OptionsType = {
|
||||
...cookieOptions,
|
||||
expires: add(new Date(), { days: 7 }),
|
||||
expires: add(new Date(), { days: 1 }),
|
||||
};
|
||||
|
||||
export const createUserAdmin = async ({
|
||||
|
|
@ -149,7 +149,7 @@ export const logIn = async ({
|
|||
};
|
||||
|
||||
const accessToken = await signToken(payload, "1h", "accessToken");
|
||||
const refreshToken = await signToken(payload, "7d", "refreshToken");
|
||||
const refreshToken = await signToken(payload, "1d", "refreshToken");
|
||||
|
||||
// Send Access Token in Cookie
|
||||
await setCookie(ACCESS_TOKEN_COOKIE_NAME, accessToken, {
|
||||
|
|
@ -208,7 +208,7 @@ export const swapAuth = async ({
|
|||
}
|
||||
|
||||
const accessToken = await signToken(user, "1h", "accessToken");
|
||||
const refreshToken = await signToken(user, "7d", "refreshToken");
|
||||
const refreshToken = await signToken(user, "1d", "refreshToken");
|
||||
|
||||
// Send Access Token in Cookie
|
||||
await setCookie(ACCESS_TOKEN_COOKIE_NAME, accessToken, {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue