feat(core): Prevent session hijacking (#9057)

कारतोफ्फेलस्क्रिप्ट™
2024-04-09 11:20:35 +02:00
committed by GitHub
parent 5793e5644a
commit 28261047c3
15 changed files with 124 additions and 53 deletions


@@ -85,7 +85,7 @@ export class MeController {
this.logger.info('User updated successfully', { userId });
this.authService.issueCookie(res, user);
this.authService.issueCookie(res, user, req.browserId);
const updatedKeys = Object.keys(payload);
void this.internalHooks.onUserUpdate({
@@ -138,7 +138,7 @@ export class MeController {
const updatedUser = await this.userRepository.save(user, { transaction: false });
this.logger.info('Password updated successfully', { userId: user.id });
this.authService.issueCookie(res, updatedUser);
this.authService.issueCookie(res, updatedUser, req.browserId);
void this.internalHooks.onUserUpdate({
user: updatedUser,
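Review bot: Nothing visible checks that `req.browserId` is set before the session cookie is re-issued at `this.authService.issueCookie(res, updatedUser, req.browserId)` in the password-update hunk, and the same applies to the call after the profile update in the first hunk. `issueCookie` and whatever populates `req.browserId` are outside these hunks, so this is inferred: if the third argument is optional and `undefined` is accepted, a request without the identifier would receive a fresh cookie with no browser binding right after a password change, which is where the binding matters most. I would either fail the request when the value is missing or make the fallback explicit at the call site, for example `// req.browserId may be absent (presumably client-supplied); confirm issueCookie refuses or deliberately handles undefined`. Both enclosing methods start and end outside the hunks, so a guard earlier in the method may already cover this.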