Fixed potential issue that using session user might outdated cache data

This commit is contained in:
Cheng-Han, Wu 2016-01-31 15:41:10 -06:00
parent 3e48d46514
commit 0f87fd4493
1 changed files with 7 additions and 7 deletions

14
app.js
View File

@ -258,15 +258,15 @@ app.get('/auth/dropbox/callback',
}); });
//logout //logout
app.get('/logout', function (req, res) { app.get('/logout', function (req, res) {
if (config.debug && req.session.passport.user) if (config.debug && req.isAuthenticated())
logger.info('user logout: ' + req.session.passport.user); logger.info('user logout: ' + req.user._id);
req.logout(); req.logout();
res.redirect('/'); res.redirect('/');
}); });
//get history //get history
app.get('/history', function (req, res) { app.get('/history', function (req, res) {
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
User.model.findById(req.session.passport.user, function (err, user) { User.model.findById(req.user._id, function (err, user) {
if (err) { if (err) {
logger.error('read history failed: ' + err); logger.error('read history failed: ' + err);
} else { } else {
@ -286,8 +286,8 @@ app.get('/history', function (req, res) {
app.post('/history', urlencodedParser, function (req, res) { app.post('/history', urlencodedParser, function (req, res) {
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
if (config.debug) if (config.debug)
logger.info('SERVER received history from [' + req.session.passport.user + ']: ' + req.body.history); logger.info('SERVER received history from [' + req.user._id + ']: ' + req.body.history);
User.model.findById(req.session.passport.user, function (err, user) { User.model.findById(req.user._id, function (err, user) {
if (err) { if (err) {
logger.error('write history failed: ' + err); logger.error('write history failed: ' + err);
} else { } else {
@ -310,14 +310,14 @@ app.post('/history', urlencodedParser, function (req, res) {
//get me info //get me info
app.get('/me', function (req, res) { app.get('/me', function (req, res) {
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
User.model.findById(req.session.passport.user, function (err, user) { User.model.findById(req.user._id, function (err, user) {
if (err) { if (err) {
logger.error('read me failed: ' + err); logger.error('read me failed: ' + err);
} else { } else {
var profile = JSON.parse(user.profile); var profile = JSON.parse(user.profile);
res.send({ res.send({
status: 'ok', status: 'ok',
id: req.session.passport.user, id: req.user._id,
name: profile.displayName || profile.username name: profile.displayName || profile.username
}); });
} }