From 7cedac59daba11db0f120c9765f113e3da0d3224 Mon Sep 17 00:00:00 2001 From: Wing-Kam Wong Date: Mon, 13 Jun 2022 16:06:49 +0800 Subject: [PATCH 1/7] script: add nc_017_add_user_token_exp_column --- .../src/lib/migrations/XcMigrationSourcev2.ts | 6 ++- .../v2/nc_017_add_user_token_exp_column.ts | 37 +++++++++++++++++++ 2 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_exp_column.ts diff --git a/packages/nocodb/src/lib/migrations/XcMigrationSourcev2.ts b/packages/nocodb/src/lib/migrations/XcMigrationSourcev2.ts index 7d0de4dc263..8b303131f49 100644 --- a/packages/nocodb/src/lib/migrations/XcMigrationSourcev2.ts +++ b/packages/nocodb/src/lib/migrations/XcMigrationSourcev2.ts @@ -4,6 +4,7 @@ import * as nc_013_sync_source from './v2/nc_013_sync_source'; import * as nc_014_alter_column_data_types from './v2/nc_014_alter_column_data_types'; import * as nc_015_add_meta_col_in_column_table from './v2/nc_015_add_meta_col_in_column_table'; import * as nc_016_alter_hooklog_payload_types from './v2/nc_016_alter_hooklog_payload_types'; +import * as nc_017_add_user_token_exp_column from './v2/nc_017_add_user_token_exp_column'; // Create a custom migration source class export default class XcMigrationSourcev2 { @@ -18,7 +19,8 @@ export default class XcMigrationSourcev2 { 'nc_013_sync_source', 'nc_014_alter_column_data_types', 'nc_015_add_meta_col_in_column_table', - 'nc_016_alter_hooklog_payload_types' + 'nc_016_alter_hooklog_payload_types', + 'nc_017_add_user_token_exp_column' ]); } @@ -40,6 +42,8 @@ export default class XcMigrationSourcev2 { return nc_015_add_meta_col_in_column_table; case 'nc_016_alter_hooklog_payload_types': return nc_016_alter_hooklog_payload_types; + case 'nc_017_add_user_token_exp_column': + return nc_017_add_user_token_exp_column; } } } 
diff --git a/packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_exp_column.ts b/packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_exp_column.ts new file mode 100644 index 00000000000..9e4c2e9ae95 --- /dev/null +++ b/packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_exp_column.ts @@ -0,0 +1,37 @@ +import Knex from 'knex'; + +const up = async (knex: Knex) => { + await knex.schema.alterTable('nc_users_v2', table => { + table.boolean('token_expired').defaultTo(false); + }); +}; + +const down = async knex => { + await knex.schema.alterTable('nc_users_v2', table => { + table.dropColumns('token_expired'); + }); +}; + +export { up, down }; + +/** + * @copyright Copyright (c) 2021, Xgene Cloud Ltd + * + * @author Wing-Kam Wong + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ From 64a2f103733ad890c2678c88c1d7b316c7f4a7be Mon Sep 17 00:00:00 2001 From: Wing-Kam Wong Date: Mon, 13 Jun 2022 16:08:25 +0800 Subject: [PATCH 2/7] fix: add token_expired --- .../src/lib/meta/api/userApi/userApis.ts | 30 ++++++++++++++----- packages/nocodb/src/lib/models/User.ts | 7 +++-- 2 files changed, 28 insertions(+), 9 deletions(-) diff --git a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts index 927bb1c6e30..a3c7500960d 100644 
--- a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts +++ b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts @@ -71,7 +71,8 @@ export async function signup(req: Request, res: Response) { password, email_verification_token, invite_token: null, - invite_token_expires: null + invite_token_expires: null, + email: user.email }); } else { NcError.badRequest('User already exist'); @@ -102,7 +103,8 @@ export async function signup(req: Request, res: Response) { salt, password, email_verification_token, - roles + roles, + token_expired: false }); } user = await User.getByEmail(email); @@ -126,7 +128,8 @@ export async function signup(req: Request, res: Response) { await promisify((req as any).login.bind(req))(user); const refreshToken = randomTokenString(); await User.update(user.id, { - refresh_token: refreshToken + refresh_token: refreshToken, + email: user.email }); setTokenCookie(res, refreshToken); @@ -179,7 +182,9 @@ async function successfulSignIn({ const refreshToken = randomTokenString(); await User.update(user.id, { - refresh_token: refreshToken + refresh_token: refreshToken, + email: user.email, + token_expired: false }); setTokenCookie(res, refreshToken); @@ -249,6 +254,7 @@ async function googleSignin(req, res, next) { function randomTokenString(): string { return crypto.randomBytes(40).toString('hex'); } + function setTokenCookie(res, token): void { // create http only cookie with refresh token that expires in 7 days const cookieOptions = { @@ -285,7 +291,8 @@ async function passwordChange(req: Request, res): Promise { await User.update(user.id, { salt, password, - email: user.email + email: user.email, + token_expired: true }); Audit.insert({ @@ -311,6 +318,7 @@ async function passwordForgot(req: Request, res): Promise { if (user) { const token = uuidv4(); await User.update(user.id, { + email: user.email, reset_password_token: token, reset_password_expires: new Date(Date.now() + 60 * 60 * 1000) }); 
@@ -363,6 +371,9 @@ async function tokenValidate(req, res): Promise { if (user.reset_password_expires < new Date()) { NcError.badRequest('Password reset url expired'); } + if (user.token_expired) { + NcError.badRequest('Token Expired. Please login again.'); + } res.json(true); } @@ -389,8 +400,10 @@ async function passwordReset(req, res): Promise { await User.update(user.id, { salt, password, + email: user.email, reset_password_expires: null, - reset_password_token: '' + reset_password_token: '', + token_expired: true }); Audit.insert({ @@ -416,6 +429,7 @@ async function emailVerification(req, res): Promise { } await User.update(user.id, { + email: user.email, email_verification_token: '', email_verified: true }); @@ -446,7 +460,9 @@ async function refreshToken(req, res): Promise { const refreshToken = randomTokenString(); await User.update(user.id, { - refresh_token: refreshToken + email: user.email, + refresh_token: refreshToken, + token_expired: false }); setTokenCookie(res, refreshToken); diff --git a/packages/nocodb/src/lib/models/User.ts b/packages/nocodb/src/lib/models/User.ts index 92792da92d5..a9d046fac36 100644 --- a/packages/nocodb/src/lib/models/User.ts +++ b/packages/nocodb/src/lib/models/User.ts @@ -22,6 +22,7 @@ export default class User implements UserType { email_verification_token?: string; email_verified: boolean; roles?: string; + token_expired?: boolean; constructor(data: User) { Object.assign(this, data); @@ -43,7 +44,8 @@ export default class User implements UserType { 'reset_password_token', 'email_verification_token', 'email_verified', - 'roles' + 'roles', + 'token_expired' ]); const { id } = await ncMeta.metaInsert2( null, @@ -71,7 +73,8 @@ export default class User implements UserType { 'reset_password_token', 'email_verification_token', 'email_verified', - 'roles' + 'roles', + 'token_expired' ]); // get existing cache const keys = [ From 3f0d6dd78f21f923667e8246cd8ca0047587d68b Mon Sep 17 00:00:00 2001 
From: Wing-Kam Wong Date: Mon, 13 Jun 2022 16:08:46 +0800 Subject: [PATCH 3/7] fix: return unauthorized if token is expired --- .../src/lib/meta/helpers/ncMetaAclMw.ts | 23 ++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts index 2164bb030f8..51e93db1b90 100644 --- a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts +++ b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts @@ -2,10 +2,14 @@ import projectAcl from '../../utils/projectAcl'; import { NextFunction, Request, Response } from 'express'; import catchError, { NcError } from './catchError'; import extractProjectIdAndAuthenticate from './extractProjectIdAndAuthenticate'; +import NocoCache from '../../cache/NocoCache'; +import Noco from '../../Noco'; +import { CacheGetType, CacheScope, MetaTable } from '../../utils/globals'; + export default function(handlerFn, permissionName) { return [ extractProjectIdAndAuthenticate, - catchError(function authMiddleware(req, _res, next) { + catchError(async function authMiddleware(req, _res, next) { const roles = req?.session?.passport?.user?.roles; if ( !( @@ -20,6 +24,23 @@ export default function(handlerFn, permissionName) { ) { NcError.unauthorized('Unauthorized access'); } + + // check if the token is still valid + const email = req?.session?.passport?.user?.email; + let user = + email && + (await NocoCache.get( + `${CacheScope.USER}:${email}`, + CacheGetType.TYPE_OBJECT + )); + if (!user) { + user = await Noco.ncMeta.metaGet2(null, null, MetaTable.USERS, { + email + }); + } + if (user.token_expired) { + NcError.unauthorized('Token Expired. Please login again.'); + } next(); }), // @ts-ignore From 6c0516a9fb78c5a8c0184dfb654a0ced6605e80b Mon Sep 17 00:00:00 2001 
From: Wing-Kam Wong Date: Mon, 13 Jun 2022 16:09:17 +0800 Subject: [PATCH 4/7] chore: revise toast message --- packages/nc-gui/plugins/axiosInterceptor.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/nc-gui/plugins/axiosInterceptor.js b/packages/nc-gui/plugins/axiosInterceptor.js index 966610a8183..5529b0704a8 100644 --- a/packages/nc-gui/plugins/axiosInterceptor.js +++ b/packages/nc-gui/plugins/axiosInterceptor.js @@ -77,7 +77,7 @@ export default ({ store, $axios, redirect, $toast, route, app }) => { redirect('/') } else { $toast.clear() - $toast.info('Token expired please login to continue', { + $toast.info('Token Expired. Please login again.', { position: 'bottom-center' }).goAway(5000) redirect('/user/authentication/signin') From 5c45ff316d898a638d4fac9871b394483f00b664 Mon Sep 17 00:00:00 2001 From: Wing-Kam Wong Date: Mon, 13 Jun 2022 16:09:46 +0800 Subject: [PATCH 5/7] chore: sign out n redirect to sign in page after changing password --- packages/nc-gui/pages/user/settings/index.vue | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packages/nc-gui/pages/user/settings/index.vue b/packages/nc-gui/pages/user/settings/index.vue index 3949a22d107..e214494673b 100644 --- a/packages/nc-gui/pages/user/settings/index.vue +++ b/packages/nc-gui/pages/user/settings/index.vue @@ -227,8 +227,10 @@ export default { newPassword: this.passwordDetails.newPassword } ) - this.$toast.success('Password changed successfully.').goAway(3000) + this.$toast.success('Password changed successfully. Please login again.').goAway(3000) this.$refs.formType[0].reset() + await this.$store.dispatch('users/ActSignOut') + this.$router.push('/user/authentication/signin') } catch (e) { this.$toast .error(await this._extractSdkResponseErrorMsg(e)) From 3704b63b9d39860447f7ab0151f41a7aabcedc41 Mon Sep 17 00:00:00 2001 
From: Wing-Kam Wong Date: Mon, 13 Jun 2022 17:18:01 +0800 Subject: [PATCH 6/7] fix: only check token_expired in non-public base --- .../src/lib/meta/helpers/ncMetaAclMw.ts | 32 ++++++++++--------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts index 51e93db1b90..b2bbad271b3 100644 --- a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts +++ b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts @@ -25,21 +25,23 @@ export default function(handlerFn, permissionName) { NcError.unauthorized('Unauthorized access'); } - // check if the token is still valid - const email = req?.session?.passport?.user?.email; - let user = - email && - (await NocoCache.get( - `${CacheScope.USER}:${email}`, - CacheGetType.TYPE_OBJECT - )); - if (!user) { - user = await Noco.ncMeta.metaGet2(null, null, MetaTable.USERS, { - email - }); - } - if (user.token_expired) { - NcError.unauthorized('Token Expired. Please login again.'); + // check if the token is still valid for non-public base + if (!req?.session?.passport?.user?.isPublicBase) { + const email = req?.session?.passport?.user?.email; + let user = + email && + (await NocoCache.get( + `${CacheScope.USER}:${email}`, + CacheGetType.TYPE_OBJECT + )); + if (!user) { + user = await Noco.ncMeta.metaGet2(null, null, MetaTable.USERS, { + email + }); + } + if (user.token_expired) { + NcError.unauthorized('Token Expired. Please login again.'); + } } next(); }), From 5f08ecbf6714b0ae405053261e05311c00a58d2f Mon Sep 17 00:00:00 2001 
From: Wing-Kam Wong Date: Mon, 13 Jun 2022 19:05:01 +0800 Subject: [PATCH 7/7] fix: session across broswers --- .../lib/meta/api/userApi/initStrategies.ts | 12 ++++++-- .../src/lib/meta/api/userApi/userApis.ts | 29 ++++++++++++------- .../src/lib/meta/helpers/ncMetaAclMw.ts | 22 -------------- .../src/lib/migrations/XcMigrationSourcev2.ts | 8 ++--- ...> nc_017_add_user_token_version_column.ts} | 4 +-- packages/nocodb/src/lib/models/User.ts | 6 ++-- .../src/lib/v1-legacy/rest/RestAuthCtrl.ts | 6 ++-- 7 files changed, 42 insertions(+), 45 deletions(-) rename packages/nocodb/src/lib/migrations/v2/{nc_017_add_user_token_exp_column.ts => nc_017_add_user_token_version_column.ts} (92%) diff --git a/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts b/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts index 1ffe03e98c8..5eceff31907 100644 --- a/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts +++ b/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts @@ -53,7 +53,8 @@ export function initStrategies(router): void { firstname, lastname, isAuthorized, - isPublicBase + isPublicBase, + token_version }, done ) { @@ -72,7 +73,8 @@ export function initStrategies(router): void { provider, firstname, lastname, - roles + roles, + token_version }); }); @@ -100,11 +102,17 @@ export function initStrategies(router): void { ); if (cachedVal) { + if (cachedVal.token_version !== jwtPayload.token_version) { + return done(new Error('Token Expired. Please login again.')); + } return done(null, cachedVal); } User.getByEmail(jwtPayload?.email) .then(async user => { + if (user.token_version !== jwtPayload.token_version) { + return done(new Error('Token Expired. Please login again.')); + } if (req.ncProjectId) { // this.xcMeta // .metaGet(req.ncProjectId, null, 'nc_projects_users', { diff --git a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts index a3c7500960d..2b8384a9c6e 100644 
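Review bot: Both added `token_version` comparisons in the JWT strategy callback use `!==` alone, so a token whose claim is `null` matches a stored `null`, which is the value passwordChange, passwordForgot and passwordReset write in userApis.ts to revoke sessions. A JWT signed while the stored value was empty (signup signs `user.token_version` as read back from the database, and the invite branch does not appear to set it) would therefore survive a password change. Reject a missing stored value as well, e.g. `if (!cachedVal.token_version || cachedVal.token_version !== jwtPayload.token_version)`, and the same for `user`. The `.then` branch also dereferences `user` without checking that `User.getByEmail` returned a row, so it needs `user?.token_version` or an explicit guard. The callback continues outside the hunk, so how a rejection inside `.then` is handled is not visible here.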
--- a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts +++ b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts @@ -96,6 +96,8 @@ export async function signup(req: Request, res: Response) { } } + const token_version = randomTokenString(); + await User.insert({ firstname, lastname, @@ -104,7 +106,7 @@ export async function signup(req: Request, res: Response) { password, email_verification_token, roles, - token_expired: false + token_version }); } user = await User.getByEmail(email); @@ -151,7 +153,8 @@ export async function signup(req: Request, res: Response) { firstname: user.firstname, lastname: user.lastname, id: user.id, - roles: user.roles + roles: user.roles, + token_version: user.token_version }, Noco.getConfig().auth.jwt.secret, Noco.getConfig().auth.jwt.options @@ -181,10 +184,15 @@ async function successfulSignIn({ await promisify((req as any).login.bind(req))(user); const refreshToken = randomTokenString(); + let token_version = user.token_version; + if (!token_version) { + token_version = randomTokenString(); + } + await User.update(user.id, { refresh_token: refreshToken, email: user.email, - token_expired: false + token_version }); setTokenCookie(res, refreshToken); @@ -203,7 +211,8 @@ async function successfulSignIn({ firstname: user.firstname, lastname: user.lastname, id: user.id, - roles: user.roles + roles: user.roles, + token_version }, Noco.getConfig().auth.jwt.secret, @@ -292,7 +301,7 @@ async function passwordChange(req: Request, res): Promise { salt, password, email: user.email, - token_expired: true + token_version: null }); Audit.insert({ @@ -320,7 +329,8 @@ async function passwordForgot(req: Request, res): Promise { await User.update(user.id, { email: user.email, reset_password_token: token, - reset_password_expires: new Date(Date.now() + 60 * 60 * 1000) + reset_password_expires: new Date(Date.now() + 60 * 60 * 1000), + token_version: null }); try { const template = (await import('./ui/emailTemplates/forgotPassword')) 
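Review bot: The `User.update` in passwordChange revokes access tokens by writing `token_version: null` but leaves `refresh_token` untouched, and the passwordReset hunk further down does the same. A refresh-token cookie captured before the password change would presumably stay usable against the refreshToken handler until the next sign-in rotates it; that handler's lookup is outside these hunks. Clear it in the same update with `refresh_token: null` in both places. Rotating to a fresh value, `token_version: randomTokenString()`, instead of `null` would also stop the scheme depending on a missing value as the revoked marker.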
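Review bot: Adding `token_version: null` to the passwordForgot update means an unauthenticated request that only names an email address signs that user out of every session. It also appears to break the reset flow itself: the tokenValidate hunk in this patch now rejects with 'Token Expired. Please login again.' whenever `!user.token_version`, which is exactly the state this update leaves behind, so the link just mailed would fail validation unless the user signs in first. Drop `token_version: null` here and invalidate sessions only once the reset completes in passwordReset; tokenValidate should check only the reset token and its expiry. How tokenValidate loads `user` is outside the hunk.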
@@ -371,7 +381,7 @@ async function tokenValidate(req, res): Promise { if (user.reset_password_expires < new Date()) { NcError.badRequest('Password reset url expired'); } - if (user.token_expired) { + if (!user.token_version) { NcError.badRequest('Token Expired. Please login again.'); } res.json(true); @@ -403,7 +413,7 @@ async function passwordReset(req, res): Promise { email: user.email, reset_password_expires: null, reset_password_token: '', - token_expired: true + token_version: null }); Audit.insert({ @@ -461,8 +471,7 @@ async function refreshToken(req, res): Promise { await User.update(user.id, { email: user.email, - refresh_token: refreshToken, - token_expired: false + refresh_token: refreshToken }); setTokenCookie(res, refreshToken); diff --git a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts index b2bbad271b3..944ab25de09 100644 --- a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts +++ b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts @@ -2,9 +2,6 @@ import projectAcl from '../../utils/projectAcl'; import { NextFunction, Request, Response } from 'express'; import catchError, { NcError } from './catchError'; import extractProjectIdAndAuthenticate from './extractProjectIdAndAuthenticate'; -import NocoCache from '../../cache/NocoCache'; -import Noco from '../../Noco'; -import { CacheGetType, CacheScope, MetaTable } from '../../utils/globals'; export default function(handlerFn, permissionName) { return [ 
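Review bot: The refreshToken update no longer writes any token-version state, and the `jwt.sign` call that follows is outside the hunk, so it is not visible whether the refreshed JWT carries `token_version`. If it does not, every refreshed token will fail the new comparison in initStrategies.ts and the user is signed out at the first refresh; if it copies a stored `null`, the token is accepted even after a password change. Confirm the payload includes `token_version: user.token_version` and refuse to refresh when that value is empty, e.g. `if (!user.token_version) NcError.unauthorized('Token Expired. Please login again.');`.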
@@ -24,25 +21,6 @@ export default function(handlerFn, permissionName) { ) { NcError.unauthorized('Unauthorized access'); } - - // check if the token is still valid for non-public base - if (!req?.session?.passport?.user?.isPublicBase) { - const email = req?.session?.passport?.user?.email; - let user = - email && - (await NocoCache.get( - `${CacheScope.USER}:${email}`, - CacheGetType.TYPE_OBJECT - )); - if (!user) { - user = await Noco.ncMeta.metaGet2(null, null, MetaTable.USERS, { - email - }); - } - if (user.token_expired) { - NcError.unauthorized('Token Expired. Please login again.'); - } - } next(); }), // @ts-ignore diff --git a/packages/nocodb/src/lib/migrations/XcMigrationSourcev2.ts b/packages/nocodb/src/lib/migrations/XcMigrationSourcev2.ts index 8b303131f49..dbcd223c7bc 100644 --- a/packages/nocodb/src/lib/migrations/XcMigrationSourcev2.ts +++ b/packages/nocodb/src/lib/migrations/XcMigrationSourcev2.ts @@ -4,7 +4,7 @@ import * as nc_013_sync_source from './v2/nc_013_sync_source'; import * as nc_014_alter_column_data_types from './v2/nc_014_alter_column_data_types'; import * as nc_015_add_meta_col_in_column_table from './v2/nc_015_add_meta_col_in_column_table'; import * as nc_016_alter_hooklog_payload_types from './v2/nc_016_alter_hooklog_payload_types'; -import * as nc_017_add_user_token_exp_column from './v2/nc_017_add_user_token_exp_column'; +import * as nc_017_add_user_token_version_column from './v2/nc_017_add_user_token_version_column'; // Create a custom migration source class export default class XcMigrationSourcev2 { @@ -20,7 +20,7 @@ export default class XcMigrationSourcev2 { 'nc_014_alter_column_data_types', 'nc_015_add_meta_col_in_column_table', 'nc_016_alter_hooklog_payload_types', - 'nc_017_add_user_token_exp_column' + 'nc_017_add_user_token_version_column' ]); } 
@@ -42,8 +42,8 @@ export default class XcMigrationSourcev2 { return nc_015_add_meta_col_in_column_table; case 'nc_016_alter_hooklog_payload_types': return nc_016_alter_hooklog_payload_types; - case 'nc_017_add_user_token_exp_column': - return nc_017_add_user_token_exp_column; + case 'nc_017_add_user_token_version_column': + return nc_017_add_user_token_version_column; } } } diff --git a/packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_exp_column.ts b/packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_version_column.ts similarity index 92% rename from packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_exp_column.ts rename to packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_version_column.ts index 9e4c2e9ae95..083bcb353d5 100644 --- a/packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_exp_column.ts +++ b/packages/nocodb/src/lib/migrations/v2/nc_017_add_user_token_version_column.ts @@ -2,13 +2,13 @@ import Knex from 'knex'; const up = async (knex: Knex) => { await knex.schema.alterTable('nc_users_v2', table => { - table.boolean('token_expired').defaultTo(false); + table.string('token_version'); }); }; const down = async knex => { await knex.schema.alterTable('nc_users_v2', table => { - table.dropColumns('token_expired'); + table.dropColumns('token_version'); }); }; diff --git a/packages/nocodb/src/lib/models/User.ts b/packages/nocodb/src/lib/models/User.ts index a9d046fac36..3b383dc88c5 100644 --- a/packages/nocodb/src/lib/models/User.ts +++ b/packages/nocodb/src/lib/models/User.ts @@ -22,7 +22,7 @@ export default class User implements UserType { email_verification_token?: string; email_verified: boolean; roles?: string; - token_expired?: boolean; + token_version?: string; constructor(data: User) { Object.assign(this, data); 
@@ -45,7 +45,7 @@ export default class User implements UserType { 'email_verification_token', 'email_verified', 'roles', - 'token_expired' + 'token_version' ]); const { id } = await ncMeta.metaInsert2( null, @@ -74,7 +74,7 @@ export default class User implements UserType { 'email_verification_token', 'email_verified', 'roles', - 'token_expired' + 'token_version' ]); // get existing cache const keys = [ diff --git a/packages/nocodb/src/lib/v1-legacy/rest/RestAuthCtrl.ts b/packages/nocodb/src/lib/v1-legacy/rest/RestAuthCtrl.ts index f7c0a2fc7e0..a7ac48db873 100644 --- a/packages/nocodb/src/lib/v1-legacy/rest/RestAuthCtrl.ts +++ b/packages/nocodb/src/lib/v1-legacy/rest/RestAuthCtrl.ts @@ -42,7 +42,8 @@ passport.serializeUser(function( firstname, lastname, isAuthorized, - isPublicBase + isPublicBase, + token_version }, done ) { @@ -61,7 +62,8 @@ passport.serializeUser(function( provider, firstname, lastname, - roles + roles, + token_version }); });