improve org policy error message responses

2026-06-26 09:09:05 +00:00 · 2026-06-24 16:32:46 -04:00
parent 242123b875
commit 6fe4eee336
21 changed files with 155 additions and 94 deletions
--- a/server/auth/sessions/app.ts
+++ b/server/auth/sessions/app.ts
@@ -12,7 +12,7 @@ import {
    users
 } from "@server/db";
 import { db } from "@server/db";
-import { eq, inArray } from "drizzle-orm";
+import { and, eq, inArray, ne } from "drizzle-orm";
 import config from "@server/lib/config";
 import type { RandomReader } from "@oslojs/crypto/random";
 import { generateRandomString } from "@oslojs/crypto/random";
@@ -136,6 +136,45 @@ export async function invalidateAllSessions(userId: string): Promise<void> {
    }
 }

+export async function invalidateAllSessionsExceptCurrent(
+    userId: string,
+    currentSessionId: string
+): Promise<void> {
+    try {
+        await db.transaction(async (trx) => {
+            const userSessions = await trx
+                .select()
+                .from(sessions)
+                .where(
+                    and(
+                        eq(sessions.userId, userId),
+                        ne(sessions.sessionId, currentSessionId)
+                    )
+                );
+
+            if (userSessions.length > 0) {
+                await trx.delete(resourceSessions).where(
+                    inArray(
+                        resourceSessions.userSessionId,
+                        userSessions.map((s) => s.sessionId)
+                    )
+                );
+            }
+
+            await trx
+                .delete(sessions)
+                .where(
+                    and(
+                        eq(sessions.userId, userId),
+                        ne(sessions.sessionId, currentSessionId)
+                    )
+                );
+        });
+    } catch (e) {
+        logger.error("Failed to invalidate user sessions except current", e);
+    }
+}
+
 export function serializeSessionCookie(
    token: string,
    isSecure: boolean,