Tools/Notes
1
0
Fork 0
mirror of https://github.com/TriliumNext/Notes.git synced 2025-08-02 05:02:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: 🎸 Ask user to login if any MFA configs are changed

Browse Source
This commit is contained in:
Jin 2025-03-26 00:04:55 +01:00
parent c2a6d517f0
commit c1ed471403
3 changed files with 55 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/express.d.ts vendored
View File

@ -4,6 +4,10 @@ export declare module "express-serve-static-core" {
interface Request { interface Request {
session: Session & { session: Session & {
loggedIn: boolean; loggedIn: boolean;
lastAuthState: {
totpEnabled: boolean;
ssoEnabled: boolean;
};
}; };
headers: { headers: {
"x-local-date"?: string; "x-local-date"?: string;

6
src/routes/login.ts
View File

@ -88,6 +88,12 @@ function login(req: Request, res: Response) {
req.session.cookie.maxAge = undefined; req.session.cookie.maxAge = undefined;
} }
// 记录当前的认证状态
req.session.lastAuthState = {
totpEnabled: totp.isTotpEnabled(),
ssoEnabled: open_id.isOpenIDEnabled()
};
req.session.loggedIn = true; req.session.loggedIn = true;
res.redirect('.'); res.redirect('.');
}); });

46
src/routes/session_parser.ts
View File

@ -3,6 +3,10 @@ import sessionFileStore from "session-file-store";
import sessionSecret from "../services/session_secret.js"; import sessionSecret from "../services/session_secret.js";
import dataDir from "../services/data_dir.js"; import dataDir from "../services/data_dir.js";
import config from "../services/config.js"; import config from "../services/config.js";
import totp from "../services/totp.js";
import open_id from "../services/open_id.js";
import type { Request, Response, NextFunction } from "express";
const FileStore = sessionFileStore(session); const FileStore = sessionFileStore(session);
const sessionParser = session({ const sessionParser = session({
@ -21,4 +25,44 @@ const sessionParser = session({
}) })
}); });
export default sessionParser; // 创建一个检查认证状态的中间件
const checkAuthState = (req: Request, res: Response, next: NextFunction) => {
// 如果用户未登录或者是登录页面,直接继续
if (!req.session.loggedIn || req.path === '/login') {
return next();
}
const currentTotpStatus = totp.isTotpEnabled();
const currentSsoStatus = open_id.isOpenIDEnabled();
// 从 session 中获取上次登录时的认证状态
const lastAuthState = req.session.lastAuthState || {
totpEnabled: false,
ssoEnabled: false
};
// 检查认证状态是否发生变化
if (lastAuthState.totpEnabled !== currentTotpStatus ||
lastAuthState.ssoEnabled !== currentSsoStatus) {
// 如果认证状态发生变化,先销毁当前 session
req.session.destroy((err) => {
if (err) {
console.error('Error destroying session:', err);
}
// 清除 cookie
res.clearCookie('trilium.sid');
// 重定向到登录页面
res.redirect('/login');
});
return;
}
next();
};
// 导出一个组合的中间件
export default function (req: Request, res: Response, next: NextFunction) {
sessionParser(req, res, () => {
checkAuthState(req, res, next);
});
}