From 42b82eaed556bf182f0198f49be4c2ba9cc3c4b1 Mon Sep 17 00:00:00 2001
From: LukeGus <bugattiguy527@gmail.com>
Date: Tue, 4 Nov 2025 17:32:10 -0600
Subject: [PATCH] fix: Improve session clearing (possible RC)

---
 src/backend/utils/auth-manager.ts | 71 +++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)

diff --git a/src/backend/utils/auth-manager.ts b/src/backend/utils/auth-manager.ts
index e7cbe146..4c936110 100644
--- a/src/backend/utils/auth-manager.ts
+++ b/src/backend/utils/auth-manager.ts
@@ -393,10 +393,41 @@ class AuthManager {
 
       const expiredCount = expiredSessions.length;
 
+      if (expiredCount === 0) {
+        return 0;
+      }
+
       await db
         .delete(sessions)
         .where(sql`${sessions.expiresAt} < datetime('now')`);
 
+      try {
+        const { saveMemoryDatabaseToFile } = await import(
+          "../database/db/index.js"
+        );
+        await saveMemoryDatabaseToFile();
+      } catch (saveError) {
+        databaseLogger.error(
+          "Failed to save database after cleaning up expired sessions",
+          saveError,
+          {
+            operation: "sessions_cleanup_db_save_failed",
+          },
+        );
+      }
+
+      const affectedUsers = new Set(expiredSessions.map((s) => s.userId));
+      for (const userId of affectedUsers) {
+        const remainingSessions = await db
+          .select()
+          .from(sessions)
+          .where(eq(sessions.userId, userId));
+
+        if (remainingSessions.length === 0) {
+          this.userCrypto.logoutUser(userId);
+        }
+      }
+
       return expiredCount;
     } catch (error) {
       databaseLogger.error("Failed to cleanup expired sessions", error, {
@@ -504,6 +535,46 @@ class AuthManager {
               currentTime: currentTime,
               difference: currentTime - sessionExpiryTime,
             });
+
+            db.delete(sessions)
+              .where(eq(sessions.id, payload.sessionId))
+              .then(async () => {
+                try {
+                  const { saveMemoryDatabaseToFile } = await import(
+                    "../database/db/index.js"
+                  );
+                  await saveMemoryDatabaseToFile();
+
+                  const remainingSessions = await db
+                    .select()
+                    .from(sessions)
+                    .where(eq(sessions.userId, payload.userId));
+
+                  if (remainingSessions.length === 0) {
+                    this.userCrypto.logoutUser(payload.userId);
+                  }
+                } catch (cleanupError) {
+                  databaseLogger.error(
+                    "Failed to cleanup after expired session",
+                    cleanupError,
+                    {
+                      operation: "expired_session_cleanup_failed",
+                      sessionId: payload.sessionId,
+                    },
+                  );
+                }
+              })
+              .catch((error) => {
+                databaseLogger.error(
+                  "Failed to delete expired session",
+                  error,
+                  {
+                    operation: "expired_session_delete_failed",
+                    sessionId: payload.sessionId,
+                  },
+                );
+              });
+
             return res.status(401).json({
               error: "Session has expired",
               code: "SESSION_EXPIRED",