From 30cae9097f2979048a2491b2ec032aa9548121a2 Mon Sep 17 00:00:00 2001 From: mluto Date: Sun, 31 Mar 2013 10:27:21 +0200 Subject: [PATCH 1/2] When there is just one session and this one is invalid SecurityManager.checkAccess would cause the request to hang forever because the callback is omitted for each invalid session, this fixes this issue. validSession still remains false so this does not cause issues further down. --- src/node/db/SecurityManager.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/node/db/SecurityManager.js b/src/node/db/SecurityManager.js index d3a98446d..410204e01 100644 --- a/src/node/db/SecurityManager.js +++ b/src/node/db/SecurityManager.js @@ -131,7 +131,11 @@ exports.checkAccess = function (padID, sessionCookie, token, password, callback) sessionManager.getSessionInfo(sessionID, function(err, sessionInfo) { //skip session if it doesn't exist - if(err && err.message == "sessionID does not exist") return; + if(err && err.message == "sessionID does not exist") + { + callback(); + return; + } if(ERR(err, callback)) return; From 911bfb30e4d1f11ea569cc0d922085821dd23158 Mon Sep 17 00:00:00 2001 From: mluto Date: Sun, 31 Mar 2013 10:56:14 +0200 Subject: [PATCH 2/2] Log when a sessionID in checkAccess is not found --- src/node/db/SecurityManager.js | 1 + 1 file changed, 1 insertion(+) diff --git a/src/node/db/SecurityManager.js b/src/node/db/SecurityManager.js index 410204e01..06e58bc4b 100644 --- a/src/node/db/SecurityManager.js +++ b/src/node/db/SecurityManager.js @@ -133,6 +133,7 @@ exports.checkAccess = function (padID, sessionCookie, token, password, callback) //skip session if it doesn't exist if(err && err.message == "sessionID does not exist") { + authLogger.debug("Auth failed: unknown session"); callback(); return; }