feat(user): implement session cleanup on user update

- Added functionality to delete old sessions when a user updates their password, ensuring that only the current session remains active.
- This change enhances security by preventing unauthorized access from previous sessions after a password change.

Closes https://github.com/Dokploy/dokploy/security/advisories/GHSA-rr9m-w87g-46f3
This commit is contained in:
Mauricio Siu
2026-05-13 00:49:32 -06:00
parent 67278d8783
commit 1fdbe87d84


@@ -23,6 +23,7 @@ import {
apiUpdateUser, apiUpdateUser,
invitation, invitation,
member, member,
session,
user, user,
} from "@dokploy/server/db/schema"; } from "@dokploy/server/db/schema";
import { import {
@@ -32,7 +33,7 @@ import {
import { hasValidLicense } from "@dokploy/server/services/proprietary/license-key"; import { hasValidLicense } from "@dokploy/server/services/proprietary/license-key";
import { TRPCError } from "@trpc/server"; import { TRPCError } from "@trpc/server";
import * as bcrypt from "bcrypt"; import * as bcrypt from "bcrypt";
import { and, asc, eq, gt } from "drizzle-orm"; import { and, asc, eq, gt, ne } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { audit } from "@/server/api/utils/audit"; import { audit } from "@/server/api/utils/audit";
import { import {
@@ -229,6 +230,15 @@ export const userRouter = createTRPCRouter({
password: bcrypt.hashSync(input.password, 10), password: bcrypt.hashSync(input.password, 10),
}) })
.where(eq(account.userId, ctx.user.id)); .where(eq(account.userId, ctx.user.id));
await db
.delete(session)
.where(
and(
eq(session.userId, ctx.user.id),
ne(session.id, ctx.session.id),
),
);
} }
try { try {