Delete previous session tokens at login

2025-06-01 20:37:55 +02:00 · 2025-06-01 20:37:55 +02:00 · f1abbc5a07
commit f1abbc5a07
parent 31c41b339e
3 changed files with 55 additions and 0 deletions
--- a/controller/AuthController.go
+++ b/controller/AuthController.go
@ -88,6 +88,11 @@ func (c AuthController) Login(username string, password string) (string, bool, e
 		return "", false, err
 	}

+	err = c.sessionDAO.DeleteAllByID(user.ID)
+	if err != nil {
+		return "", false, err
+	}
+
 	err = c.sessionDAO.Set(token, user.ID)
 	if err != nil {
 		return "", false, err
--- a/dao/ISessionDAO.go
+++ b/dao/ISessionDAO.go
@ -4,5 +4,6 @@ type ISessionDAO interface {
 	Set(token string, id int) error
 	Get(token string) (int, error)
 	Delete(token string) error
+	DeleteAllByID(id int) error
 	Bump(token string, time int) error
 }
--- a/dao/valkey/SessionDAO.go
+++ b/dao/valkey/SessionDAO.go
@ -34,6 +34,55 @@ func (d SessionDAOVK) Delete(token string) error {
 	return (*d.vk).Do(context.Background(), cmd).Error()
 }

+func (d SessionDAOVK) DeleteAllByID(id int) error {
+	// iterate all session keys
+	var cursor uint64 = 0
+	pattern := SESSION_PREFIX + "*"
+	for {
+		cmd := (*d.vk).B().Scan().Cursor(cursor).Match(pattern).Build()
+
+		result := (*d.vk).Do(context.Background(), cmd)
+		if err := result.Error(); err != nil {
+			return err
+		}
+
+		entry, err := result.AsScanEntry()
+		if err != nil {
+			return err
+		}
+
+		for _, key := range entry.Elements {
+			// get the value of the key
+			cmd = (*d.vk).B().Get().Key(key).Build()
+
+			result := (*d.vk).Do(context.Background(), cmd)
+			if err := result.Error(); err != nil {
+				return err
+			}
+
+			value, err := result.AsInt64()
+			if err != nil {
+				return err
+			}
+
+			// check if the value is the same as our id
+			if value == int64(id) {
+				// if so, delete it
+				cmd = (*d.vk).B().Del().Key(key).Build()
+				result := (*d.vk).Do(context.Background(), cmd)
+				if err := result.Error(); err != nil {
+					return err
+				}
+			}
+		}
+
+		if cursor = entry.Cursor; cursor == 0 {
+			break
+		}
+	}
+	return nil
+}
+
 func (d SessionDAOVK) Bump(token string, time int) error {
 	cmd := (*d.vk).B().Expire().Key(SESSION_PREFIX + token).Seconds(int64(time)).Build()
 	return (*d.vk).Do(context.Background(), cmd).Error()