diff --git a/server/core/lib/schedulers/update-token-session-scheduler.ts b/server/core/lib/schedulers/update-token-session-scheduler.ts index b256ac4cb..b6e5a2b8e 100644 --- a/server/core/lib/schedulers/update-token-session-scheduler.ts +++ b/server/core/lib/schedulers/update-token-session-scheduler.ts @@ -1,28 +1,45 @@ -import { MOAuthToken } from '@server/types/models/index.js' +import { OAuthTokenModel } from '@server/models/oauth/oauth-token.js' import { SCHEDULER_INTERVALS_MS } from '../../initializers/constants.js' import { AbstractScheduler } from './abstract-scheduler.js' +type UpdatePayload = { + id: number + lastActivityDate: Date + lastActivityIP: string + lastActivityDevice: string +} + export class UpdateTokenSessionScheduler extends AbstractScheduler { private static instance: UpdateTokenSessionScheduler protected schedulerIntervalMs = SCHEDULER_INTERVALS_MS.UPDATE_TOKEN_SESSION - private readonly toUpdate = new Set() + private readonly toUpdate = new Set() private constructor () { super() } - addToUpdate (token: MOAuthToken) { - this.toUpdate.add(token) + addToUpdate (payload: UpdatePayload) { + this.toUpdate.add(payload) } protected async internalExecute () { const toUpdate = Array.from(this.toUpdate) this.toUpdate.clear() - for (const token of toUpdate) { - await token.save() + for (const payload of toUpdate) { + await OAuthTokenModel.update({ + lastActivityDate: payload.lastActivityDate, + lastActivityIP: payload.lastActivityIP, + lastActivityDevice: payload.lastActivityDevice + }, { + where: { + id: payload.id + }, + // Prevent tokens cache invalidation, we don't update fields that are meaningful for this cache + hooks: false + }) } } diff --git a/server/core/middlewares/auth.ts b/server/core/middlewares/auth.ts index 61fcc5049..fc5fe5a04 100644 --- a/server/core/middlewares/auth.ts +++ b/server/core/middlewares/auth.ts @@ -13,11 +13,12 @@ export function authenticate (req: express.Request, res: express.Response, next: res.locals.oauth = { token } res.locals.authenticated = true - token.lastActivityDate = new Date() - token.lastActivityIP = req.ip - token.lastActivityDevice = req.header('user-agent') - - UpdateTokenSessionScheduler.Instance.addToUpdate(token) + UpdateTokenSessionScheduler.Instance.addToUpdate({ + id: token.id, + lastActivityDate: new Date(), + lastActivityIP: req.ip, + lastActivityDevice: req.header('user-agent') + }) return next() }) diff --git a/server/core/types/models/oauth/oauth-token.ts b/server/core/types/models/oauth/oauth-token.ts index a15166d15..4c1ec0480 100644 --- a/server/core/types/models/oauth/oauth-token.ts +++ b/server/core/types/models/oauth/oauth-token.ts @@ -7,8 +7,9 @@ type Use = PickWith // ############################################################################ export type MOAuthToken = Omit +export type MOAuthTokenLight = Omit export type MOAuthTokenUser = - & MOAuthToken + & MOAuthTokenLight & Use<'User', MUserAccountUrl> & { user?: MUserAccountUrl } diff --git a/server/core/types/plugins/register-server-auth.model.ts b/server/core/types/plugins/register-server-auth.model.ts index b955f6183..e358f270a 100644 --- a/server/core/types/plugins/register-server-auth.model.ts +++ b/server/core/types/plugins/register-server-auth.model.ts @@ -1,6 +1,6 @@ -import express from 'express' import { UserAdminFlagType, UserRoleType } from '@peertube/peertube-models' -import { MOAuthToken, MUser } from '../models/index.js' +import express from 'express' +import { MOAuthTokenLight, MUser } from '../models/index.js' export type RegisterServerAuthOptions = RegisterServerAuthPassOptions | RegisterServerAuthExternalOptions @@ -47,7 +47,7 @@ interface RegisterServerAuthBase { // Your plugin can hook PeerTube access/refresh token validity // So you can control for your plugin the user session lifetime - hookTokenValidity?(options: { token: MOAuthToken, type: 'access' | 'refresh' }): Promise<{ valid: boolean }> + hookTokenValidity?(options: { token: MOAuthTokenLight, type: 'access' | 'refresh' }): Promise<{ valid: boolean }> } export interface RegisterServerAuthPassOptions extends RegisterServerAuthBase {