Enhance session management: restrict session access for blocked users and reduce token expiration to one day
This commit is contained in:
parent
b2a118e907
commit
aaea1eb6bb
2 changed files with 4 additions and 4 deletions
|
|
@ -62,7 +62,7 @@ export const authRouter = createTRPCRouter({
|
||||||
}),
|
}),
|
||||||
|
|
||||||
getSession: publicProcedure.query(async ({ ctx }) => {
|
getSession: publicProcedure.query(async ({ ctx }) => {
|
||||||
if (!ctx.session) return null;
|
if (!ctx.session || ctx.session.isBlocked) return null;
|
||||||
return ctx.session;
|
return ctx.session;
|
||||||
}),
|
}),
|
||||||
addUserAdmin: adminProcedure
|
addUserAdmin: adminProcedure
|
||||||
|
|
|
||||||
|
|
@ -40,7 +40,7 @@ const accessTokenCookieOptions: OptionsType = {
|
||||||
|
|
||||||
const refreshTokenCookieOptions: OptionsType = {
|
const refreshTokenCookieOptions: OptionsType = {
|
||||||
...cookieOptions,
|
...cookieOptions,
|
||||||
expires: add(new Date(), { days: 7 }),
|
expires: add(new Date(), { days: 1 }),
|
||||||
};
|
};
|
||||||
|
|
||||||
export const createUserAdmin = async ({
|
export const createUserAdmin = async ({
|
||||||
|
|
@ -149,7 +149,7 @@ export const logIn = async ({
|
||||||
};
|
};
|
||||||
|
|
||||||
const accessToken = await signToken(payload, "1h", "accessToken");
|
const accessToken = await signToken(payload, "1h", "accessToken");
|
||||||
const refreshToken = await signToken(payload, "7d", "refreshToken");
|
const refreshToken = await signToken(payload, "1d", "refreshToken");
|
||||||
|
|
||||||
// Send Access Token in Cookie
|
// Send Access Token in Cookie
|
||||||
await setCookie(ACCESS_TOKEN_COOKIE_NAME, accessToken, {
|
await setCookie(ACCESS_TOKEN_COOKIE_NAME, accessToken, {
|
||||||
|
|
@ -208,7 +208,7 @@ export const swapAuth = async ({
|
||||||
}
|
}
|
||||||
|
|
||||||
const accessToken = await signToken(user, "1h", "accessToken");
|
const accessToken = await signToken(user, "1h", "accessToken");
|
||||||
const refreshToken = await signToken(user, "7d", "refreshToken");
|
const refreshToken = await signToken(user, "1d", "refreshToken");
|
||||||
|
|
||||||
// Send Access Token in Cookie
|
// Send Access Token in Cookie
|
||||||
await setCookie(ACCESS_TOKEN_COOKIE_NAME, accessToken, {
|
await setCookie(ACCESS_TOKEN_COOKIE_NAME, accessToken, {
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue