🪻 distributed transcription service
thistle.dunkirk.sh
bug: fix session self kill failure thnks to @mpkendall
+42
-1
+2
-1
src/components/user-settings.ts
+2
-1
src/components/user-settings.ts
+32
src/index.test.ts
+32
src/index.test.ts
···
600
600
601
601
expect(response.status).toBe(404);
602
602
});
603
+
604
+
serverTest("should not delete current session", async () => {
605
+
// Register user
606
+
const hashedPassword = await clientHashPassword(
607
+
TEST_USER.email,
608
+
TEST_USER.password,
609
+
);
610
+
const registerResponse = await fetch(`${BASE_URL}/api/auth/register`, {
611
+
method: "POST",
612
+
headers: { "Content-Type": "application/json" },
613
+
body: JSON.stringify({
614
+
email: TEST_USER.email,
615
+
password: hashedPassword,
616
+
}),
617
+
});
618
+
const sessionCookie = extractSessionCookie(registerResponse);
619
+
620
+
// Try to delete own current session
621
+
const response = await authRequest(
622
+
`${BASE_URL}/api/sessions`,
623
+
sessionCookie,
624
+
{
625
+
method: "DELETE",
626
+
headers: { "Content-Type": "application/json" },
627
+
body: JSON.stringify({ sessionId: sessionCookie }),
628
+
},
629
+
);
630
+
631
+
expect(response.status).toBe(400);
632
+
const data = await response.json();
633
+
expect(data.error).toContain("Cannot kill current session");
634
+
});
603
635
});
604
636
});
605
637
+8
src/index.ts
+8
src/index.ts
···
456
456
user_agent: s.user_agent,
457
457
created_at: s.created_at,
458
458
expires_at: s.expires_at,
459
+
is_current: s.id === sessionId,
459
460
})),
460
461
});
461
462
},
···
473
474
if (!targetSessionId) {
474
475
return Response.json(
475
476
{ error: "Session ID required" },
477
+
{ status: 400 },
478
+
);
479
+
}
480
+
// Prevent deleting current session
481
+
if (targetSessionId === currentSessionId) {
482
+
return Response.json(
483
+
{ error: "Cannot kill current session. Use logout instead." },
476
484
{ status: 400 },
477
485
);
478
486
}