UNPKG

@compas/store

Version:

Postgres & S3-compatible wrappers for common things

compasjs.com

compasjs/compas

96 lines (85 loc) 2.95 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
import { eventStart, eventStop, newEventFromEvent } from "@compas/stdlib"; import { sessionStoreCleanupExpiredSessions } from "./session-store.js"; /** * Returns a {@link QueueWorkerHandler} that removes expired and revoked sessions via * {@link sessionStoreCleanupExpiredSessions}. By default, removes expired and revoked * sessions after 14 days. * * If 'maxSessionLifetimeInDays' is provided, even active sessions will be removed if * they are created 'maxSessionLifetimeInDays'-days ago. * * Recommended interval: daily * Recommended cronExpression: 0 2 * * * * * @param {{ * maxRevokedAgeInDays?: number, * maxSessionLifetimeInDays?: number, * }} [options] * @returns {import("./queue-worker.js").QueueWorkerHandler} */ export function jobSessionStoreCleanup(options) { /** * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @returns {Promise<void>} */ return async function jobSessionStoreCleanup(event, sql) { eventStart(event, "job.sessionStoreCleanup"); await sessionStoreCleanupExpiredSessions( newEventFromEvent(event), sql, options?.maxRevokedAgeInDays ?? 14, options?.maxSessionLifetimeInDays, ); eventStop(event); }; } /** * A {@link QueueWorkerHandler} to process reported leaked sessions. These jobs occur * when the session store finds that refresh token is used multiple times. The job is * able to either process the leaked session in to a report and log it via `type: * "sessionStore.leakedSession.report"` or is able to dump the raw session information * via `type: "sessionStore.leakedSession.dump"` * * @param {{ * useDump?: boolean, * }} [options] * @returns {import("./queue-worker.js").QueueWorkerHandler} */ export function jobSessionStoreProcessLeakedSession(options) { /** * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {import("./generated/common/types.d.ts").StoreJob} job * @returns {void} */ return function jobSessionStoreProcessLeakedSession(event, sql, job) { eventStart(event, "job.sessionStoreProcessLeakedSession"); if (options?.useDump) { event.log.info({ type: "sessionStore.leakedSession.dump", session: job.data.report.session, }); eventStop(event); return; } const session = job.data.report.session; const sessionCreated = new Date(session.createdAt); const sessionRevoked = new Date(session.revokedAt); const lastRefreshTimes = session.tokens .slice(session.tokens.length - 4) .map((it) => ({ createdAt: new Date(it.createdAt), revokedAt: new Date(it.revokedAt), })); event.log.info({ type: "sessionStore.leakedSession.report", session: { sessionCreated, sessionRevoked, lastRefreshTimes, }, }); eventStop(event); }; }