verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix detection of logoutSessionsOnSensitiveChanges 

Modify the code detecting whether logoutSessionsOnSensitiveChanges
is enabled to correctly handle the case when the model is not attached
to any application, as is the case with loopback-component-passport
tests.
This commit is contained in:
Miroslav Bajtoš 2017-01-31 15:53:41 +01:00
parent 05db4337cf
commit 0cc2b5b8db
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
common/models/user.js
View File

@ -867,7 +867,9 @@ module.exports = function(User) {
});
User.observe('before save', function prepareForTokenInvalidation(ctx, next) {
if (!ctx.Model.app.get('logoutSessionsOnSensitiveChanges')) return next();
var invalidationEnabled = ctx.Model.app &&
ctx.Model.app.get('logoutSessionsOnSensitiveChanges');
if (!invalidationEnabled) return next();
if (ctx.isNewInstance) return next();
if (!ctx.where && !ctx.instance) return next();
@ -909,7 +911,9 @@ module.exports = function(User) {
});
User.observe('after save', function invalidateOtherTokens(ctx, next) {
if (!ctx.Model.app.get('logoutSessionsOnSensitiveChanges')) return next();
var invalidationEnabled = ctx.Model.app &&
ctx.Model.app.get('logoutSessionsOnSensitiveChanges');
if (!invalidationEnabled) return next();
if (!ctx.instance && !ctx.data) return next();
if (!ctx.hookState.originalUserData) return next();