diff --git a/.vscode/launch.json b/.vscode/launch.json
index 6b998e2..70171c0 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -11,7 +11,7 @@
 "skipFiles": [
 "/**"
 ],
- "program": "${workspaceFolder}\\index.js"
+ "program": "${workspaceFolder}/index.js"
 }
 ]
 }
diff --git a/api/auth.js b/api/auth.js
index acbd517..df1fdcc 100644
--- a/api/auth.js
+++ b/api/auth.js
@@ -46,8 +46,9 @@ router.get('/', async (req, res) => {
 res.json(req.user)
 })
-// TODO: de-auth session
-router.get('/logout', (req, res) => {
+router.get('/logout', async (req, res) => {
+ await db.session.end(req.session.uuid);
+ req.session = null
 res.redirect('/')
 })
diff --git a/db/models/session.js b/db/models/session.js
index ea216b8..f439377 100644
--- a/db/models/session.js
+++ b/db/models/session.js
@@ -51,3 +51,17 @@ session.update = async (session_uuid) => {
 const {rows} = await pg.query(query)
 return joinjs.map(rows, mappings, 'sessionMap', 'session_')[0];
 }
+
+session.end = async (session_uuid) => {
+ const query = {
+ text: 'select * from sos.end_session($1)',
+ values: [
+ session_uuid
+ ]
+ }
+
+ debug(query);
+
+ const {rows} = await pg.query(query)
+ return joinjs.map(rows, mappings, 'sessionMap', 'session_')[0];
+}
\ No newline at end of file
diff --git a/db/sql/1-tables.sql b/db/sql/1-tables.sql
index 82608f1..fb42fda 100644
--- a/db/sql/1-tables.sql
+++ b/db/sql/1-tables.sql
@@ -29,7 +29,7 @@ create table sos."session" (
 session_uuid uuid primary key default uuid_generate_v4(),
 session_time_created timestamptz not null default now(),
 session_time_last_active timestamptz not null default now(),
- session_ended boolean not null default false,
+ session_time_logged_out timestamptz null,
 session_timeout_length interval not null,
 session_ip_address varchar(50) not null,
 session_user_agent varchar(500) not null,
diff --git a/db/sql/3-functions.sql b/db/sql/3-functions.sql
index bc0c4bb..6845c3d 100644
--- a/db/sql/3-functions.sql
+++ b/db/sql/3-functions.sql
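Review bot: If `db.session.end` rejects, the added `await` in the `/logout` handler skips both `req.session = null` and the redirect, so a database error leaves the browser holding a cookie that still names a live session. Clearing the cookie should not depend on the query: `try { await db.session.end(req.session.uuid) } finally { req.session = null }`, with the failure logged or handed to the error handler. `req.session.uuid` is also read without checking that a session exists. Logout remains a state-changing GET, which a cross-site request can trigger; a POST would be the safer shape if the rest of the app can accommodate it.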
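Review bot: `session.end` can only ever resolve to `undefined`, because `sos.end_session` (added in db/sql/3-functions.sql) finishes with `validate_session`, which this same commit restricts to rows where `session_time_logged_out is null`. The caller therefore cannot tell a session that was just ended from one that was already expired or never existed. Either end the SQL function with `return query select * from sos.v_session where session_uuid = _session_uuid;` so the updated row comes back, or drop the joinjs mapping here and document that nothing is returned. `debug(query)` also writes the session UUID into the debug output, which is worth keeping out of shared logs.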
@@ -23,6 +23,7 @@ as $function$
 begin
 return query select * from sos.v_session
 where session_uuid = _session_uuid
+ and session_time_logged_out is null
 and session_time_last_active + session_timeout_length > now();
 end; $function$;
@@ -34,6 +35,7 @@ begin
 update sos."session"
 set session_time_last_active = now()
 where session_uuid = _session_uuid
+ and session_time_logged_out is null
 and now() < (select session_time_last_active + session_timeout_length);
 return query select * from sos.validate_session(_session_uuid);
@@ -65,6 +67,20 @@ begin
 return query select * from sos.validate_session(_session_uuid);
 end; $function$;
+create or replace function sos.end_session(_session_uuid uuid)
+ returns setof sos.v_session
+ language plpgsql
+as $function$
+begin
+ update sos."session"
+ set session_time_logged_out = now()
+ where session_uuid = _session_uuid
+ and session_time_logged_out is null
+ and now() < (select session_time_last_active + session_timeout_length);
+
+ return query select * from sos.validate_session(_session_uuid);
+end; $function$;
+
 create or replace function sos.create_item(_name text, _urlslug citext, _description text, _price_cents integer, _published boolean)
 returns setof sos.v_item
 language plpgsql
diff --git a/db/sql/setup.sh b/db/sql/setup.sh
index d422d82..841aa7d 100755
--- a/db/sql/setup.sh
+++ b/db/sql/setup.sh
@@ -37,9 +37,12 @@ function handleError {
 }
 function execFile {
- echo " $1"
- PGPASSWORD=$PG_PASS psql -v ON_ERROR_STOP=1 -h $DB_HOST -U postgres -d "$DB_NAME" -f $1 > /dev/null
- handleError "Could not execute file $1"
+ FILE=$1
+ USERNAME=$2
+ PASSWORD=$3
+ echo " $FILE"
+ PGPASSWORD=$PASSWORD psql -v ON_ERROR_STOP=1 -h $DB_HOST -U $USERNAME -d "$DB_NAME" -f $FILE > /dev/null
+ handleError "Could not execute file $FILE"
 }
 echo -e $RED"This will delete ALL DATA in the database $DB_NAME"$RESET
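Review bot: The new predicate in `validate_session` reads `session_time_logged_out` from `sos.v_session`, but db/sql/2-views.sql is not part of this diff. If the view lists its columns explicitly and does not expose the new one, the function is still created without complaint, because plpgsql does not resolve column references at creation time, and the error only appears on the first session check. It is worth confirming that the view and the joinjs `sessionMap` were updated for the renamed column. The same predicate is added to the `update` in the second hunk, which reads the base table and is not affected; the function body here starts outside the hunk.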
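Review bot: The rewritten `execFile` assigns `FILE`, `USERNAME` and `PASSWORD` as globals and expands them unquoted, so `USERNAME` overwrites whatever the environment already held and a path or role name containing spaces or glob characters is split before psql sees it. Prefer `local file=$1 username=$2 password=$3` and `PGPASSWORD=$password psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -U "$username" -d "$DB_NAME" -f "$file" > /dev/null`. The same applies at the call sites in the last hunk of this file, where `$DB_PASS` and `$PG_PASS` are passed unquoted: a password containing whitespace arrives truncated in `$3`.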
@@ -53,7 +56,7 @@ else
 exit 1
 fi
-read -s -p "Enter postgres Password: " PG_PASS
+read -s -p "Enter postgres password: " PG_PASS
 echo
 PGPASSWORD=$PG_PASS psql -v ON_ERROR_STOP=1 -h $DB_HOST -U postgres -c "drop database if exists $DB_NAME" > /dev/null
@@ -65,7 +68,8 @@ handleError "Could not create database $DB_NAME"
 PGPASSWORD=$PG_PASS psql -v ON_ERROR_STOP=1 -h $DB_HOST -U postgres -c "drop user if exists $DB_USER" > /dev/null
 PGPASSWORD=$PG_PASS psql -v ON_ERROR_STOP=1 -h $DB_HOST -U postgres -c "create user $DB_USER with encrypted password '$DB_PASS';" > /dev/null
-
-for file in $REPODIR/db/sql/*.sql; do
- execFile $file
-done
\ No newline at end of file
+execFile $REPODIR/db/sql/0-setup.sql postgres $PG_PASS
+execFile $REPODIR/db/sql/1-tables.sql $DB_USER $DB_PASS
+execFile $REPODIR/db/sql/2-views.sql $DB_USER $DB_PASS
+execFile $REPODIR/db/sql/3-functions.sql $DB_USER $DB_PASS
+execFile $REPODIR/db/sql/4-permissions.sql postgres $PG_PASS
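Review bot: The fixed list of five `execFile` calls replaces the `*.sql` glob without recording why each file runs under a particular role, and a later `5-*.sql` would now be skipped silently. A comment above the calls would preserve the intent, for example `# 0-setup and 4-permissions need the postgres superuser; 1-3 run as $DB_USER so that role owns the objects`. That reading is inferred from the role split in the calls and should be confirmed before it is written down. If the split is about least privilege, it is also worth checking that 4-permissions.sql does not grant the application role more than ownership already gives it.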