extend cookie

zitadel · Mar 18, 2024 · e06bf4b · e06bf4b
1 parent 7cd59d8
commit e06bf4b
Show file tree

Hide file tree

Showing 4 changed files with 57 additions and 16 deletions.
diff --git a/apps/login/app/api/session/route.ts b/apps/login/app/api/session/route.ts
@@ -64,9 +64,7 @@ export async function PUT(request: NextRequest) {
       .then((recent) => {
         console.log("setsession", webAuthN);
         return setSessionAndUpdateCookie(
-          recent.id,
-          recent.token,
-          recent.loginName,
+          recent,
           password,
           webAuthN,
           challenges,

diff --git a/apps/login/lib/zitadel.ts b/apps/login/lib/zitadel.ts
@@ -115,12 +115,22 @@ export async function createSession(
         {
           checks: { user: { loginName }, password: { password } },
           challenges,
+          lifetime: {
+            seconds: 300,
+            nanos: 0,
+          },
         },
         {}
       )
     : sessionService.createSession(
-        { checks: { user: { loginName } }, challenges },
-
+        {
+          checks: { user: { loginName } },
+          challenges,
+          lifetime: {
+            seconds: 300,
+            nanos: 0,
+          },
+        },
         {}
       );
 }
@@ -137,6 +147,10 @@ export async function createSessionForUserIdAndIdpIntent(
   return sessionService.createSession(
     {
       checks: { user: { userId }, idpIntent },
+      lifetime: {
+        seconds: 300,
+        nanos: 0,
+      },
     },
     {}
   );

diff --git a/apps/login/utils/cookies.ts b/apps/login/utils/cookies.ts
@@ -6,6 +6,8 @@ export type SessionCookie = {
   id: string;
   token: string;
   loginName: string;
+  creationDate: string;
+  expirationDate: string;
   changeDate: string;
   authRequestId?: string; // if its linked to an OIDC flow
 };
@@ -135,25 +137,46 @@ export async function getSessionCookieByLoginName(
   }
 }
 
-export async function getAllSessionCookieIds(): Promise<any> {
+/**
+ *
+ * @param cleanup when true, removes all expired sessions, default true
+ * @returns Session Cookies
+ */
+export async function getAllSessionCookieIds(
+  cleanup: boolean = true
+): Promise<any> {
   const cookiesList = cookies();
   const stringifiedCookie = cookiesList.get("sessions");
 
   if (stringifiedCookie?.value) {
     const sessions: SessionCookie[] = JSON.parse(stringifiedCookie?.value);
-    return sessions.map((session) => session.id);
+
+    return sessions
+      .filter((session) =>
+        cleanup ? new Date(session.expirationDate) > new Date() : true
+      )
+      .map((session) => session.id);
   } else {
     return [];
   }
 }
 
-export async function getAllSessions(): Promise<SessionCookie[]> {
+/**
+ *
+ * @param cleanup when true, removes all expired sessions, default true
+ * @returns Session Cookies
+ */
+export async function getAllSessions(
+  cleanup: boolean = true
+): Promise<SessionCookie[]> {
   const cookiesList = cookies();
   const stringifiedCookie = cookiesList.get("sessions");
 
   if (stringifiedCookie?.value) {
     const sessions: SessionCookie[] = JSON.parse(stringifiedCookie?.value);
-    return sessions;
+    return sessions.filter((session) =>
+      cleanup ? new Date(session.expirationDate) > new Date() : true
+    );
   } else {
     return [];
   }

diff --git a/apps/login/utils/session.ts b/apps/login/utils/session.ts
@@ -35,6 +35,8 @@ export async function createSessionAndUpdateCookie(
         const sessionCookie: SessionCookie = {
           id: createdSession.sessionId,
           token: createdSession.sessionToken,
+          creationDate: response.session.creationDate?.toString() ?? "",
+          expirationDate: (response.session.expirationDate ?? "")?.toString(),
           changeDate: response.session.changeDate?.toString() ?? "",
           loginName: response.session?.factors?.user?.loginName ?? "",
         };
@@ -79,6 +81,8 @@ export async function createSessionForIdpAndUpdateCookie(
         const sessionCookie: SessionCookie = {
           id: createdSession.sessionId,
           token: createdSession.sessionToken,
+          creationDate: response.session.creationDate?.toString() ?? "",
+          expirationDate: (response.session.expirationDate ?? "")?.toString(),
           changeDate: response.session.changeDate?.toString() ?? "",
           loginName: response.session?.factors?.user?.loginName ?? "",
         };
@@ -104,28 +108,28 @@ export type SessionWithChallenges = Session & {
 };
 
 export async function setSessionAndUpdateCookie(
-  sessionId: string,
-  sessionToken: string,
-  loginName: string,
+  recentCookie: SessionCookie,
   password: string | undefined,
   webAuthN: { credentialAssertionData: any } | undefined,
   challenges: RequestChallenges | undefined,
   authRequestId: string | undefined
 ): Promise<SessionWithChallenges> {
   return setSession(
     server,
-    sessionId,
-    sessionToken,
+    recentCookie.id,
+    recentCookie.token,
     password,
     webAuthN,
     challenges
   ).then((updatedSession) => {
     if (updatedSession) {
       const sessionCookie: SessionCookie = {
-        id: sessionId,
+        id: recentCookie.id,
         token: updatedSession.sessionToken,
+        creationDate: recentCookie.creationDate,
+        expirationDate: recentCookie.expirationDate,
         changeDate: updatedSession.details?.changeDate?.toString() ?? "",
-        loginName: loginName,
+        loginName: recentCookie.loginName,
       };
 
       if (authRequestId) {
@@ -144,6 +148,8 @@ export async function setSessionAndUpdateCookie(
               const newCookie: SessionCookie = {
                 id: sessionCookie.id,
                 token: updatedSession.sessionToken,
+                creationDate: sessionCookie.creationDate,
+                expirationDate: sessionCookie.expirationDate,
                 changeDate: session.changeDate?.toString() ?? "",
                 loginName: session.factors?.user?.loginName ?? "",
               };