calvin.erfmann/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-01-28 22:00:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

always check resource session length

Browse Source
This commit is contained in:
miloschwartz
2025-10-27 09:45:12 -07:00
parent 9fbea4a380
commit 4cfd1b1ff5
1 changed files with 10 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
server/routers/badger/verifySession.ts
View File

@@ -387,19 +387,17 @@ export async function verifyResourceSession(
if (resourceSession) {
// only run this check if not SSO sesion; SSO session length is checked later
if (!(resourceSessions.userSessionId && sso)) {
const accessPolicy = await enforceResourceSessionLength(
resourceSession,
resourceData.org
);
const accessPolicy = await enforceResourceSessionLength(
resourceSession,
resourceData.org
);
if (!accessPolicy.valid) {
logger.debug(
"Resource session invalid due to org policy:",
accessPolicy.error
);
return notAllowed(res, redirectPath, resource.orgId);
}
if (!accessPolicy.valid) {
logger.debug(
"Resource session invalid due to org policy:",
accessPolicy.error
);
return notAllowed(res, redirectPath, resource.orgId);
}
if (pincode && resourceSession.pincodeId) {