diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-tricks/nullify-me.js b/zefie_wtvp_minisrv/ServiceVault/wtv-tricks/nullify-me.js
new file mode 100644
index 00000000..6ebc5b5b
--- /dev/null
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-tricks/nullify-me.js
@@ -0,0 +1,14 @@
+var minisrv_service_file = true;
+
+if (ssid_sessions[socket.ssid]) {
+ if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
+ if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store) {
+ if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id != null) {
+ if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id >= 0)
+ ssid_sessions[socket.ssid].switchUserID(null);
+ }
+ }
+ }
+}
+
+headers = "400 You are now nullified.";
diff --git a/zefie_wtvp_minisrv/WTVClientSessionData.js b/zefie_wtvp_minisrv/WTVClientSessionData.js
index 339990fe..c14db9f9 100644
--- a/zefie_wtvp_minisrv/WTVClientSessionData.js
+++ b/zefie_wtvp_minisrv/WTVClientSessionData.js
@@ -362,6 +362,8 @@ class WTVClientSessionData {
} catch (e) {
// Don't log error 'file not found', it just means the client isn't registered yet
if (e.code != "ENOENT") console.error(" # Error loading session data for", this.wtvshared.filterSSID(this.ssid), e);
+ // also wipe any existing session_store
+ this.session_store = {};
return false;
}
}
diff --git a/zefie_wtvp_minisrv/app.js b/zefie_wtvp_minisrv/app.js
index 3360920f..5c3a03c7 100644
--- a/zefie_wtvp_minisrv/app.js
+++ b/zefie_wtvp_minisrv/app.js
@@ -1095,8 +1095,8 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
if (headers["wtv-incarnation"]) ssid_sessions[socket.ssid].data_store.wtvsec_login.set_incarnation(headers["wtv-incarnation"]);
ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64 = headers["wtv-ticket"];
ssid_sessions[socket.ssid].data_store.wtvsec_login.DecodeTicket(ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64);
- if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id) {
- if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id > 0)
+ if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id != null) {
+ if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id >= 0)
ssid_sessions[socket.ssid].switchUserID(ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id, true, false);
}
} else {
@@ -1106,7 +1106,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64 = headers["wtv-ticket"];
ssid_sessions[socket.ssid].data_store.wtvsec_login.DecodeTicket(ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64);
if (headers["wtv-incarnation"]) ssid_sessions[socket.ssid].data_store.wtvsec_login.set_incarnation(headers["wtv-incarnation"]);
- if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id > 0) {
+ if (ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id >= 0) {
if (ssid_sessions[socket.ssid].user_id != ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id)
switchUserID(ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_store.user_id, true, false);
}
diff --git a/zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj b/zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj
index e6c78481..171ac3e1 100644
--- a/zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj
+++ b/zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj
@@ -316,6 +316,9 @@
Code
+
+ Code
+
Code