pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-06 02:36:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

always check resource session length

Browse Source
This commit is contained in:
miloschwartz
2025-10-27 09:45:12 -07:00
parent 9fbea4a380
commit 4cfd1b1ff5
1 changed files with 10 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
server/routers/badger/verifySession.ts
View File

@@ -387,19 +387,17 @@ export async function verifyResourceSession(
if (resourceSession) { if (resourceSession) {
// only run this check if not SSO sesion; SSO session length is checked later // only run this check if not SSO sesion; SSO session length is checked later
if (!(resourceSessions.userSessionId && sso)) { const accessPolicy = await enforceResourceSessionLength(
const accessPolicy = await enforceResourceSessionLength( resourceSession,
resourceSession, resourceData.org
resourceData.org );
);
if (!accessPolicy.valid) { if (!accessPolicy.valid) {
logger.debug( logger.debug(
"Resource session invalid due to org policy:", "Resource session invalid due to org policy:",
accessPolicy.error accessPolicy.error
); );
return notAllowed(res, redirectPath, resource.orgId); return notAllowed(res, redirectPath, resource.orgId);
}
} }
if (pincode && resourceSession.pincodeId) { if (pincode && resourceSession.pincodeId) {