Check session expiry on each request
This commit is contained in:
sairajzero
parent
348cc989c9
commit
9760710c18
@ -30,9 +30,11 @@ function validateRequestFromFloID(request, sign, floID, proxy = true) {
|
|||||||
return reject(INVALID(INVALID_SERVER_MSG));
|
return reject(INVALID(INVALID_SERVER_MSG));
|
||||||
else if (!floCrypto.validateAddr(floID))
|
else if (!floCrypto.validateAddr(floID))
|
||||||
return res.status(INVALID.e_code).send("Invalid floID");
|
return res.status(INVALID.e_code).send("Invalid floID");
|
||||||
DB.query("SELECT " + (proxy ? "proxyKey AS pubKey FROM Sessions" : "pubKey FROM Users") + " WHERE floID=?", [floID]).then(result => {
|
DB.query("SELECT " + (proxy ? "session_time, proxyKey AS pubKey FROM Sessions" : "pubKey FROM Users") + " WHERE floID=?", [floID]).then(result => {
|
||||||
if (result.length < 1)
|
if (result.length < 1)
|
||||||
return reject(INVALID(proxy ? "Session not active" : "User not registered"));
|
return reject(INVALID(proxy ? "Session not active" : "User not registered"));
|
||||||
|
if (proxy && result[0].session_time + maxSessionTimeout < Date.now())
|
||||||
|
return res.status(INVALID.e_code).send("Session Expired! Re-login required");
|
||||||
let req_str = validateRequest(request, sign, result[0].pubKey);
|
let req_str = validateRequest(request, sign, result[0].pubKey);
|
||||||
req_str instanceof INVALID ? reject(req_str) : resolve(req_str);
|
req_str instanceof INVALID ? reject(req_str) : resolve(req_str);
|
||||||
}).catch(error => reject(error));
|
}).catch(error => reject(error));
|
||||||
@ -274,18 +276,11 @@ function Account(req, res) {
|
|||||||
type: "get_account",
|
type: "get_account",
|
||||||
timestamp: data.timestamp
|
timestamp: data.timestamp
|
||||||
}, data.sign, data.floID).then(req_str => {
|
}, data.sign, data.floID).then(req_str => {
|
||||||
DB.query("SELECT session_time FROM Sessions WHERE floID=?", [data.floID]).then(result => {
|
market.getAccountDetails(data.floID).then(result => {
|
||||||
if (result.length < 1)
|
if (trustedIDs.includes(data.floID))
|
||||||
res.status(INVALID.e_code).send("floID not registered");
|
result.subAdmin = true;
|
||||||
else if (result[0].session_time + maxSessionTimeout < Date.now())
|
res.send(result);
|
||||||
res.status(INVALID.e_code).send("Session Expired! Re-login required");
|
});
|
||||||
else
|
|
||||||
market.getAccountDetails(data.floID).then(result => {
|
|
||||||
if (trustedIDs.includes(data.floID))
|
|
||||||
result.subAdmin = true;
|
|
||||||
res.send(result);
|
|
||||||
});
|
|
||||||
}).catch(_ => res.status(INTERNAL.e_code).send("Try again later!"));
|
|
||||||
}).catch(error => {
|
}).catch(error => {
|
||||||
if (error instanceof INVALID)
|
if (error instanceof INVALID)
|
||||||
res.status(INVALID.e_code).send(error.message);
|
res.status(INVALID.e_code).send(error.message);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user