fix: use correct path for token file deletion in clearSessionData and logOutSession#2480
Open
Aitriq wants to merge 1 commit intowppconnect-team:mainfrom
Open
fix: use correct path for token file deletion in clearSessionData and logOutSession#2480Aitriq wants to merge 1 commit intowppconnect-team:mainfrom
Aitriq wants to merge 1 commit intowppconnect-team:mainfrom
Conversation
… logOutSession Token files in `tokens/` directory were never deleted because of broken path construction using string concatenation (`__dirname + '../../../tokens/...'`). This resulted in an invalid path that `fs.existsSync()` always returned false for. Use `path.resolve(process.cwd(), 'tokens', ...)` instead — the same approach used by `FileTokenStore.resolverPath()` in the WPPConnect client library. Fixes wppconnect-team#2102 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
clearSessionDataandlogOutSessionfail to delete token files from thetokens/directory due to incorrect path construction. This causes orphaned sessions to persist inshow-all-sessionsresponses even after session data has been cleared.Bug
Both controllers use
__dirname + '../../../tokens/${session}.data.json'to build the token file path. This has two issues:__dirnamedoes not end with/, so the resulting path is malformed (e.g./opt/wppconnect-server/dist/controller../../../tokens/...)../— depending on whether the code runs fromsrc/ordist/, three levels up may not resolve to the project rootMeanwhile,
FileTokenStorealready uses the correct approach:path.resolve(process.cwd(), './tokens/').Fix
Replace
__dirname + '../../../tokens/...'withpath.resolve(process.cwd(), 'tokens', ...)in both:src/controller/miscController.ts(clearSessionData)src/controller/sessionController.ts(logOutSession)Also fix variable shadowing in
clearSessionDatawhereconst path = config.customUserDataDir + sessionshadows thepathimport.Impact
Without this fix, calling
clear-session-dataorlogout-sessionremoves the Chrome user data directory but leaves the token file on disk. On restart,show-all-sessions(viagetAllTokens) still lists these ghost sessions and attempts to restore them — potentially spawning hundreds of unnecessary Chrome processes.Tested on production with v2.9.0.
Test plan
tokens/clear-session-data→ verify token file is deletedshow-all-sessions→ verify session no longer appears