mirror of
https://github.com/bitwarden/browser
synced 2024-12-25 17:32:46 +01:00
[bug] Fix logout timeout action for inactive accounts (#660)
* [bug] Fix logout timeout action for inactive accounts * Pass userId in to the logout callback parameter to the vaultTimeoutService. The message handle in desktop already expects this. * Set lastActive on account login, and null it on account deauthentication. This prevents an issue where newly logged in accounts immediatly time out due to inactivity. * Add userId to locked callbacks * Add userId to log out callback
This commit is contained in:
parent
8cb029947b
commit
c282ef8575
@ -313,7 +313,8 @@ import { StateFactory } from "jslib-common/factories/stateFactory";
|
||||
keyConnectorService,
|
||||
stateService,
|
||||
null,
|
||||
async () => messagingService.send("logout", { expired: false })
|
||||
async (userId?: string) =>
|
||||
messagingService.send("logout", { expired: false, userId: userId })
|
||||
),
|
||||
deps: [
|
||||
CipherServiceAbstraction,
|
||||
|
@ -121,6 +121,7 @@ export class StateService<
|
||||
await this.storageService.save(keys.authenticatedAccounts, this.state.authenticatedAccounts);
|
||||
this.state.accounts[account.profile.userId] = account;
|
||||
await this.scaffoldNewAccountStorage(account);
|
||||
await this.setLastActive(new Date().getTime(), { userId: account.profile.userId });
|
||||
await this.setActiveUser(account.profile.userId);
|
||||
this.activeAccount.next(account.profile.userId);
|
||||
}
|
||||
@ -2437,6 +2438,7 @@ export class StateService<
|
||||
|
||||
protected async deAuthenticateAccount(userId: string) {
|
||||
await this.setAccessToken(null, { userId: userId });
|
||||
await this.setLastActive(null, { userId: userId });
|
||||
const index = this.state.authenticatedAccounts.indexOf(userId);
|
||||
if (index > -1) {
|
||||
this.state.authenticatedAccounts.splice(index, 1);
|
||||
|
@ -29,7 +29,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
|
||||
private policyService: PolicyService,
|
||||
private keyConnectorService: KeyConnectorService,
|
||||
private stateService: StateService,
|
||||
private lockedCallback: () => Promise<void> = null,
|
||||
private lockedCallback: (userId?: string) => Promise<void> = null,
|
||||
private loggedOutCallback: (userId?: string) => Promise<void> = null
|
||||
) {}
|
||||
|
||||
@ -87,7 +87,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
|
||||
(pinSet[0] && (await this.stateService.getDecryptedPinProtected()) != null) || pinSet[1];
|
||||
|
||||
if (!pinLock && !(await this.isBiometricLockSet())) {
|
||||
await this.logOut();
|
||||
await this.logOut(userId);
|
||||
}
|
||||
}
|
||||
|
||||
@ -110,7 +110,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
|
||||
this.messagingService.send("locked", { userId: userId });
|
||||
|
||||
if (this.lockedCallback != null) {
|
||||
await this.lockedCallback();
|
||||
await this.lockedCallback(userId);
|
||||
}
|
||||
}
|
||||
|
||||
@ -198,6 +198,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
|
||||
|
||||
private async executeTimeoutAction(userId: string): Promise<void> {
|
||||
const timeoutAction = await this.stateService.getVaultTimeoutAction({ userId: userId });
|
||||
timeoutAction === "logOut" ? await this.logOut() : await this.lock(true, userId);
|
||||
timeoutAction === "logOut" ? await this.logOut(userId) : await this.lock(true, userId);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user