Skip to content

feat: add WsJwtAuthGuard to CollaborationGateway and periodic session index cleanup#920

Merged
RUKAYAT-CODER merged 1 commit into
rinafcode:mainfrom
Nimatstar:feat/ws-jwt-guard-session-cleanup-885-887
Jun 28, 2026
Merged

feat: add WsJwtAuthGuard to CollaborationGateway and periodic session index cleanup#920
RUKAYAT-CODER merged 1 commit into
rinafcode:mainfrom
Nimatstar:feat/ws-jwt-guard-session-cleanup-885-887

Conversation

@Nimatstar

Copy link
Copy Markdown
Contributor

Summary

  • Add WebSocket authentication guard to CollaborationGateway using JWT validation #887 — Created WsJwtAuthGuard that validates JWT tokens from WebSocket handshake (auth.token or query param ?token=). Applied @UseGuards(WsJwtAuthGuard) to CollaborationGateway so unauthenticated clients are rejected before any message handler runs. JwtModule is now registered in CollaborationModule.

  • Add periodic expired session cleanup job to prevent Redis memory growth #885 — Added three Redis sorted-set helpers to SessionService (addSessionToUserIndex, removeSessionFromUserIndex, getUserSessionIds) to maintain user:sessions:{userId} indexes. Created SessionCleanupTask with an hourly @Cron job that scans all index keys, checks whether each session still exists in Redis, removes stale entries, and increments a session_cleanup_removed_total Prometheus counter.

Test plan

  • pnpm run lint:ci — no lint errors
  • pnpm run build — TypeScript compiles cleanly
  • src/collaboration/guards/ws-jwt-auth.guard.spec.ts — 5 tests: missing token, invalid token, valid auth.token, valid query.token, token precedence
  • src/session/tasks/session-cleanup.task.spec.ts — 5 tests: empty scan, stale removal, live session kept, multi-page cursor, error resilience
  • src/session/session.service.spec.ts — existing 13 tests still pass

closes #885
closes #887

@drips-wave

drips-wave Bot commented Jun 28, 2026

Copy link
Copy Markdown

@Nimatstar Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

… index cleanup

- Create WsJwtAuthGuard that validates JWT from handshake auth.token or query.token
- Apply @UseGuards(WsJwtAuthGuard) to CollaborationGateway class
- Register JwtModule in CollaborationModule to provide JwtService
- Add addSessionToUserIndex/removeSessionFromUserIndex/getUserSessionIds to SessionService
- Add SessionCleanupTask with @Cron(EVERY_HOUR) that removes stale members from
  user:sessions:{userId} sorted sets and tracks removals via a Prometheus counter

Closes rinafcode#885
Closes rinafcode#887
@Nimatstar Nimatstar force-pushed the feat/ws-jwt-guard-session-cleanup-885-887 branch from 5ec5621 to 7fb1625 Compare June 28, 2026 07:56
@RUKAYAT-CODER

Copy link
Copy Markdown
Contributor

Thank you for contributing to the project

@RUKAYAT-CODER RUKAYAT-CODER merged commit 25e2fc4 into rinafcode:main Jun 28, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

2 participants