undesiredmonk
04/10/2023, 4:26 AMrp
04/10/2023, 5:36 AMsession.revokeSession
.
An alternative method would be to have a cronjob in your system which would check for each user if their subscription has finished and then if it has, then call the session.revokeAllSessionsForUser function for that user. This will log the user out the next time their session refreshes.undesiredmonk
04/10/2023, 5:49 AMrp
04/10/2023, 6:03 AMundesiredmonk
04/10/2023, 6:54 AMexport const verifySession = (options?: VerifySessionOptions) => {
return async (req: SessionRequest, reply: FastifyReply) => {
try {
if (options?.sessionRequired === false) {
(req as any).session = await Session.getSession(req, reply, {
antiCsrfCheck: options?.antiCsrfCheck,
overrideGlobalClaimValidators: options?.overrideGlobalClaimValidators,
sessionRequired: false,
});
} else {
(req as any).session = await Session.getSession(req, reply, {
antiCsrfCheck: options?.antiCsrfCheck,
overrideGlobalClaimValidators: options?.overrideGlobalClaimValidators,
sessionRequired: true,
});
const payload = req.session?.getAccessTokenPayload();
const isSubscribed = payload.isSubscribed
if (!isSubscribed) {
await req.session?.revokeSession();
reply.status(401);
}
}
} catch (error) {
if (SuperTokensError.isErrorFromSuperTokens(error)) {
switch (error.type) {
case Session.Error.TRY_REFRESH_TOKEN: {
reply
.status(401)
.send({ message: Session.Error.TRY_REFRESH_TOKEN });
break;
}
case Session.Error.UNAUTHORISED: {
reply.status(401).send({ message: Session.Error.UNAUTHORISED });
break;
}
case Session.Error.TOKEN_THEFT_DETECTED: {
req.session?.revokeSession();
reply
.status(401)
.send({ message: Session.Error.TOKEN_THEFT_DETECTED });
break;
}
case Session.Error.INVALID_CLAIMS: {
reply.status(401).send({ message: Session.Error.INVALID_CLAIMS });
break;
}
}
reply.status(401).send({ message: error.message });
} else {
reply.status(401).send(error);
}
}
};
};
TypeError: res.setHeader is not a function
at appendToServerResponse (/node_modules/.pnpm/supertokens-node@12.1.4/node_modules/supertokens-node/lib/build/framework/utils.js:298:9)
at Object.setCookieForServerResponse (/node_modules/.pnpm/supertokens-node@12.1.4/node_modules/supertokens-node/lib/build/framework/utils.js:277:12)
at ExpressResponse.setCookie (/node_modules/.pnpm/supertokens-node@12.1.4/node_modules/supertokens-node/lib/build/framework/express/framework.js:121:21)
at setCookie (/node_modules/.pnpm/supertokens-node@12.1.4/node_modules/supertokens-node/lib/build/recipe/session/cookieAndHeaders.js:103:16)
at Object.attachAccessTokenToCookie (/node_modules/.pnpm/supertokens-node@12.1.4/node_modules/supertokens-node/lib/build/recipe/session/cookieAndHeaders.js:26:5)
at Object.<anonymous> (/node_modules/.pnpm/supertokens-node@12.1.4/node_modules/supertokens-node/lib/build/recipe/session/recipeImplementation.js:212:40)
at Generator.next (<anonymous>)
at fulfilled (/node_modules/.pnpm/supertokens-node@12.1.4/node_modules/supertokens-node/lib/build/recipe/session/recipeImplementation.js:15:36)
at runMicrotasks (<anonymous>)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
rp
04/11/2023, 2:25 PMundesiredmonk
04/11/2023, 2:35 PM