only allow one device auth per session

miloschwartz
2025-11-26 15:48:38 -05:00
parent de83cf9d8c
commit 5bd31f87f0
5 changed files with 45 additions and 13 deletions


@@ -18,13 +18,19 @@ export async function verifySession(req: Request, forceLogin?: boolean) {
user: null
};
}
if (res.session.deviceAuthUsed) {
return {
session: null,
user: null
};
}
if (!res.session.issuedAt) {
return {
session: null,
user: null
};
}
const mins = 3 * 60 * 1000;
const mins = 5 * 60 * 1000;
const now = new Date().getTime();
if (now - res.session.issuedAt > mins) {
return {