Bumped version number

package-lock.json

@@ -19,7 +19,7 @@
         "node-cron": "^3.0.2",
         "node-fetch": "^2.6.7",
         "nodemailer": "^6.8.0",
-        "sequelize": "^6.25.5"
+        "sequelize": "^6.25.8"
       },
       "devDependencies": {
         "nodemon": "^2.0.20"
@@ -72,9 +72,9 @@
       }
     },
     "node_modules/anymatch": {
-      "version": "3.1.2",
+      "version": "3.1.3",
-      "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz",
+      "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz",
-      "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==",
+      "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==",
       "dev": true,
       "dependencies": {
         "normalize-path": "^3.0.0",
@@ -804,9 +804,9 @@
       }
     },
     "node_modules/moment-timezone": {
-      "version": "0.5.38",
+      "version": "0.5.39",
-      "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.38.tgz",
+      "resolved": "https://registry.npmjs.org/moment-timezone/-/moment-timezone-0.5.39.tgz",
-      "integrity": "sha512-nMIrzGah4+oYZPflDvLZUgoVUO4fvAqHstvG3xAUnMolWncuAiLDWNnJZj6EwJGMGfb1ZcuTFE6GI3hNOVWI/Q==",
+      "integrity": "sha512-hoB6suq4ISDj7BDgctiOy6zljBsdYT0++0ZzZm9rtxIvJhIbQ3nmbgSWe7dNFGurl6/7b1OUkHlmN9JWgXVz7w==",
       "dependencies": {
         "moment": ">= 2.9.0"
       },
@@ -1121,9 +1121,9 @@
       "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA=="
     },
     "node_modules/sequelize": {
-      "version": "6.25.5",
+      "version": "6.25.8",
-      "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.25.5.tgz",
+      "resolved": "https://registry.npmjs.org/sequelize/-/sequelize-6.25.8.tgz",
-      "integrity": "sha512-QwA2kL4lSNy4mYTv1Zm4DjvloZLaYajuYF5QMOv0O7FameMUEl8Q5zOWRD+FNKGCLzyOJ28gQCo3HX0N9mcssA==",
+      "integrity": "sha512-GDjbN3P9KRjxL+ATNPMWU0RFAO3KviGzvowajqPCkvEdcEW9CFL4d0iDR/SFAf+JiQ7/2BQ4O3PBLBxNlnVNWw==",
       "funding": [
         {
           "type": "opencollective",
@@ -1268,9 +1268,9 @@
       }
     },
     "node_modules/simple-update-notifier": {
-      "version": "1.0.7",
+      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/simple-update-notifier/-/simple-update-notifier-1.0.7.tgz",
+      "resolved": "https://registry.npmjs.org/simple-update-notifier/-/simple-update-notifier-1.1.0.tgz",
-      "integrity": "sha512-BBKgR84BJQJm6WjWFMHgLVuo61FBDSj1z/xSFUIozqO6wO7ii0JxCqlIud7Enr/+LhlbNI0whErq96P2qHNWew==",
+      "integrity": "sha512-VpsrsJSUcJEseSbMHkrsrAVSdvVS5I96Qo1QAQ4FxQ9wXFcB+pjj7FB7/us9+GcgfW4ziHtYMc1J0PLczb55mg==",
       "dev": true,
       "dependencies": {
         "semver": "~7.0.0"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "auth-server",
-  "version": "1.6.4",
+  "version": "1.6.5",
   "description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
   "main": "server/server.js",
   "scripts": {
@@ -29,7 +29,7 @@
     "node-cron": "^3.0.2",
     "node-fetch": "^2.6.7",
     "nodemailer": "^6.8.0",
-    "sequelize": "^6.25.5"
+    "sequelize": "^6.25.8"
   },
   "devDependencies": {
     "nodemon": "^2.0.20"

server/server.js

@@ -36,6 +36,17 @@ app.get('*', (req, res) => {
 
 //startup
 server.listen(process.env.WEB_PORT || 3200, async (err) => {
+	//BUGFIX: clear out old refresh tokens
+	const { Op } = require('sequelize');
+	const { tokens } = require('./database/models');
+	tokens.destroy({
+		where: {
+			createdAt: {
+				[Op.lt]: new Date(new Date().setDate(new Date().getDate() - 30))
+			}
+		}
+	});
+
 	await database.sync();
 	console.log(`listening to localhost:${process.env.WEB_PORT || 3200}`);
 });

tools/react/token-provider.jsx

@@ -9,6 +9,12 @@ const TokenProvider = props => {
 	//state to be used
 	const [accessToken, setAccessToken] = useState('');
 
+	//force a logout under certain conditions
+	const forceLogout = () => {
+		localStorage.removeItem("accessToken");
+		setAccessToken("");
+	};
+
 	//make the access token persist between reloads
 	useEffect(() => {
 		setAccessToken(localStorage.getItem("accessToken") || '');
@@ -47,6 +53,9 @@ const TokenProvider = props => {
 
 			//any errors, throw them
 			if (!response.ok) {
+				if (response.status == 403) {
+					forceLogout();
+				}
 				throw `${response.status}: ${await response.text()}`;
 			}
 
@@ -82,6 +91,9 @@ const TokenProvider = props => {
 
 			//any errors, throw them
 			if (!response.ok) {
+				if (response.status == 403) {
+					forceLogout();
+				}
 				throw `${response.status}: ${await response.text()}`;
 			}