fix: add namespace to session token keys

2022-06-29 22:24:00 +05:30
parent e6a4670ba9
commit 2a5d5d43b0
24 changed files with 258 additions and 149 deletions
--- a/server/resolvers/validate_jwt_token.go
+++ b/server/resolvers/validate_jwt_token.go
@@ -50,7 +50,12 @@ func ValidateJwtTokenResolver(ctx context.Context, params model.ValidateJWTToken
 	// access_token and refresh_token should be validated from session store as well
 	if tokenType == constants.TokenTypeAccessToken || tokenType == constants.TokenTypeRefreshToken {
 		nonce = claims["nonce"].(string)
-		token, err := memorystore.Provider.GetUserSession(userID, tokenType+"_"+claims["nonce"].(string))
+		loginMethod := claims["login_method"]
+		sessionKey := userID
+		if loginMethod != nil && loginMethod != "" {
+			sessionKey = loginMethod.(string) + ":" + userID
+		}
+		token, err := memorystore.Provider.GetUserSession(sessionKey, tokenType+"_"+claims["nonce"].(string))
 		if err != nil || token == "" {
 			log.Debug("Failed to get user session: ", err)
 			return nil, errors.New("invalid token")