SYNC: checking logged users

2026-04-17 22:36:01 +00:00 · 2025-07-14 15:21:55 +02:00
parent 16d2a9bf99
commit ac40bd1e17
2 changed files with 38 additions and 14 deletions
--- a/packages/api/src/controllers/auth.js
+++ b/packages/api/src/controllers/auth.js
@@ -21,7 +21,13 @@ const {
 } = require('../utility/cloudIntf');
 const socket = require('../utility/socket');
 const { sendToAuditLog } = require('../utility/auditlog');
-const { isLoginLicensed, LOGIN_LIMIT_ERROR } = require('../utility/loginchecker');
+const {
+  isLoginLicensed,
+  LOGIN_LIMIT_ERROR,
+  markTokenAsLoggedIn,
+  markUserAsActive,
+  markLoginAsLoggedOut,
+} = require('../utility/loginchecker');

 const logger = getLogger('auth');

@@ -79,7 +85,7 @@ function authMiddleware(req, res, next) {
  try {
    const decoded = jwt.verify(token, getTokenSecret());
    req.user = decoded;
-    storage.markUserAsActive(decoded.licenseUid);
+    markUserAsActive(decoded.licenseUid, token);

    return next();
  } catch (err) {
@@ -124,19 +130,23 @@ module.exports = {
          message: 'Administration login successful',
        });

+        const licenseUid = `superadmin`;
+        const accessToken = jwt.sign(
+          {
+            login: 'superadmin',
+            permissions: await storage.loadSuperadminPermissions(),
+            roleId: -3,
+            licenseUid,
+          },
+          getTokenSecret(),
+          {
+            expiresIn: getTokenLifetime(),
+          }
+        );
+        markTokenAsLoggedIn(licenseUid, accessToken);
+
        return {
-          accessToken: jwt.sign(
-            {
-              login: 'superadmin',
-              permissions: await storage.loadSuperadminPermissions(),
-              roleId: -3,
-              licenseUid: `superadmin`,
-            },
-            getTokenSecret(),
-            {
-              expiresIn: getTokenLifetime(),
-            }
-          ),
+          accessToken,
        };
      }

@@ -192,5 +202,17 @@ module.exports = {
    return tokenHolder;
  },

+  logoutAdmin_meta: true,
+  async logoutAdmin() {
+    await markLoginAsLoggedOut('superadmin');
+    return true;
+  },
+
+  logoutUser_meta: true,
+  async logoutUser({}, req) {
+    await markLoginAsLoggedOut(req?.user?.licenseUid);
+    return true;
+  },
+
  authMiddleware,
 };
--- a/packages/web/src/clientAuth.ts
+++ b/packages/web/src/clientAuth.ts
@@ -311,9 +311,11 @@ export async function doLogout() {
  const category = getAuthCategory(config);

  if (category == 'admin') {
+    await apiCall('auth/logout-admin');
    localStorage.removeItem('adminAccessToken');
    internalRedirectTo('/admin-login.html?is-admin=true');
  } else if (category == 'token') {
+    await apiCall('auth/logout-user');
    localStorage.removeItem('accessToken');
    if (config.logoutUrl) {
      window.location.href = config.logoutUrl;