dunkirk.sh / thistle
🪻 distributed transcription service thistle.dunkirk.sh
fork atom

bug: fix session self kill failure thnks to @mpkendall

dunkirk.sh 9deff468 20300ab9

verified
options
unified split
Changed files
+42 -1
src
components
user-settings.ts
index.test.ts
index.ts
+2 -1
src/components/user-settings.ts 
···

       
852

       
852

       
 

       
			});


     

       
853

       
853

       
 

       



     

       
854

       
854

       
 

       
			if (!response.ok) {


     

       
855

       

       
-

       
				this.error = "Failed to kill session";


     

       

       
855

       
+

       
				const data = await response.json();


     

       

       
856

       
+

       
				this.error = data.error || "Failed to kill session";


     

       
856

       
857

       
 

       
				return;


     

       
857

       
858

       
 

       
			}


     

       
858

       
859
+32
src/index.test.ts 
···

       
600

       
600

       
 

       



     

       
601

       
601

       
 

       
			expect(response.status).toBe(404);


     

       
602

       
602

       
 

       
		});


     

       

       
603

       
+

       



     

       

       
604

       
+

       
		serverTest("should not delete current session", async () => {


     

       

       
605

       
+

       
			// Register user


     

       

       
606

       
+

       
			const hashedPassword = await clientHashPassword(


     

       

       
607

       
+

       
				TEST_USER.email,


     

       

       
608

       
+

       
				TEST_USER.password,


     

       

       
609

       
+

       
			);


     

       

       
610

       
+

       
			const registerResponse = await fetch(`${BASE_URL}/api/auth/register`, {


     

       

       
611

       
+

       
				method: "POST",


     

       

       
612

       
+

       
				headers: { "Content-Type": "application/json" },


     

       

       
613

       
+

       
				body: JSON.stringify({


     

       

       
614

       
+

       
					email: TEST_USER.email,


     

       

       
615

       
+

       
					password: hashedPassword,


     

       

       
616

       
+

       
				}),


     

       

       
617

       
+

       
			});


     

       

       
618

       
+

       
			const sessionCookie = extractSessionCookie(registerResponse);


     

       

       
619

       
+

       



     

       

       
620

       
+

       
			// Try to delete own current session


     

       

       
621

       
+

       
			const response = await authRequest(


     

       

       
622

       
+

       
				`${BASE_URL}/api/sessions`,


     

       

       
623

       
+

       
				sessionCookie,


     

       

       
624

       
+

       
				{


     

       

       
625

       
+

       
					method: "DELETE",


     

       

       
626

       
+

       
					headers: { "Content-Type": "application/json" },


     

       

       
627

       
+

       
					body: JSON.stringify({ sessionId: sessionCookie }),


     

       

       
628

       
+

       
				},


     

       

       
629

       
+

       
			);


     

       

       
630

       
+

       



     

       

       
631

       
+

       
			expect(response.status).toBe(400);


     

       

       
632

       
+

       
			const data = await response.json();


     

       

       
633

       
+

       
			expect(data.error).toContain("Cannot kill current session");


     

       

       
634

       
+

       
		});


     

       
603

       
635

       
 

       
	});


     

       
604

       
636

       
 

       
});


     

       
605

       
637
+8
src/index.ts 
···

       
456

       
456

       
 

       
						user_agent: s.user_agent,


     

       
457

       
457

       
 

       
						created_at: s.created_at,


     

       
458

       
458

       
 

       
						expires_at: s.expires_at,


     

       

       
459

       
+

       
						is_current: s.id === sessionId,


     

       
459

       
460

       
 

       
					})),


     

       
460

       
461

       
 

       
				});


     

       
461

       
462

       
 

       
			},


     
···

       
473

       
474

       
 

       
				if (!targetSessionId) {


     

       
474

       
475

       
 

       
					return Response.json(


     

       
475

       
476

       
 

       
						{ error: "Session ID required" },


     

       

       
477

       
+

       
						{ status: 400 },


     

       

       
478

       
+

       
					);


     

       

       
479

       
+

       
				}


     

       

       
480

       
+

       
				// Prevent deleting current session


     

       

       
481

       
+

       
				if (targetSessionId === currentSessionId) {


     

       

       
482

       
+

       
					return Response.json(


     

       

       
483

       
+

       
						{ error: "Cannot kill current session. Use logout instead." },


     

       
476

       
484

       
 

       
						{ status: 400 },


     

       
477

       
485

       
 

       
					);


     

       
478

       
486

       
 

       
				}