Force-logout older clients and reject any future requests
This commit is contained in:
parent
7afd5582eb
commit
f620ec086d
|
@ -52,7 +52,7 @@ import {
|
|||
} from "./messenger";
|
||||
import { Server as SRPServer, SRPSession } from "./srp";
|
||||
import { DeviceInfo, getCryptoProvider } from "./platform";
|
||||
import { getIdFromEmail, uuid, removeTrailingSlash } from "./util";
|
||||
import { getIdFromEmail, uuid, removeTrailingSlash, compareVersions } from "./util";
|
||||
import { loadLanguage } from "@padloc/locale/src/translate";
|
||||
import { Logger, VoidLogger } from "./logging";
|
||||
import { PBES2Container } from "./container";
|
||||
|
@ -86,6 +86,9 @@ export class ServerConfig extends Config {
|
|||
@ConfigParam()
|
||||
scimServerUrl = "http://localhost:5000";
|
||||
|
||||
@ConfigParam()
|
||||
oldestAllowedVersion = "4.0.0";
|
||||
|
||||
constructor(init: Partial<ServerConfig> = {}) {
|
||||
super();
|
||||
Object.assign(this, init);
|
||||
|
@ -176,6 +179,11 @@ export class Controller extends API {
|
|||
}
|
||||
}
|
||||
|
||||
// Force-logout v3 clients
|
||||
if (compareVersions(session.device?.appVersion || "", this.config.oldestAllowedVersion) < 0) {
|
||||
throw new Err(ErrorCode.SESSION_EXPIRED);
|
||||
}
|
||||
|
||||
// Reject expired sessions
|
||||
if (session.expires && session.expires < new Date()) {
|
||||
throw new Err(ErrorCode.SESSION_EXPIRED);
|
||||
|
@ -1956,6 +1964,14 @@ export class Server {
|
|||
const controller = this.makeController(context);
|
||||
await controller.authenticate(req, context);
|
||||
|
||||
// Reject requests from older clients
|
||||
if (compareVersions(req.device?.appVersion || "", this.config.oldestAllowedVersion) < 0) {
|
||||
throw new Err(
|
||||
ErrorCode.UNSUPPORTED_VERSION,
|
||||
"This version of Padloc is no longer supported. Please download the latest version from https://docs.padloc.app/downloads. We appologize for the inconvenience!"
|
||||
);
|
||||
}
|
||||
|
||||
const done = await this._addToQueue(context);
|
||||
|
||||
try {
|
||||
|
|
|
@ -231,3 +231,17 @@ export function setPath(obj: any, path: string, value: any) {
|
|||
obj[path] = value;
|
||||
}
|
||||
}
|
||||
|
||||
export function compareVersions(a: string, b: string) {
|
||||
function norm(version: string): string {
|
||||
return version
|
||||
.split(".")
|
||||
.map((part) => part.padStart(3, "0"))
|
||||
.join();
|
||||
}
|
||||
|
||||
const normedA = norm(a);
|
||||
const normedB = norm(b);
|
||||
|
||||
return normedA < normedB ? -1 : normedA > normedB ? 1 : 0;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue