From 5ccf28488f2bf95bfab87acf22836409723eab8c Mon Sep 17 00:00:00 2001 From: Vivek Patel Date: Tue, 1 Mar 2022 15:33:00 +0530 Subject: [PATCH] Remove all auth tokens of user along with deleting all sessions Also remove `Delete this session` button from each session and, fix issue with auth token access of active login session, even after deleting sessions from admin. --- auth/assets/templates/sessions.html.tpl | 10 ---------- auth/handlers/handle_sessions.go | 10 ++++++++-- 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/auth/assets/templates/sessions.html.tpl b/auth/assets/templates/sessions.html.tpl index 2f96f5990e..c9c391745d 100644 --- a/auth/assets/templates/sessions.html.tpl +++ b/auth/assets/templates/sessions.html.tpl @@ -31,16 +31,6 @@ {{ if .Current }}
{{ tr "sessions.template.list.current" }}
{{ end }} - {{ if not .Current }} - - {{ end }}

diff --git a/auth/handlers/handle_sessions.go b/auth/handlers/handle_sessions.go index d04da66579..95ace00daa 100644 --- a/auth/handlers/handle_sessions.go +++ b/auth/handlers/handle_sessions.go @@ -58,6 +58,7 @@ func (h *AuthHandlers) sessionsView(req *request.AuthReq) error { } func (h *AuthHandlers) sessionsProc(req *request.AuthReq) error { + ctx := req.Context() ss, err := h.getSessions(req) if err != nil { return err @@ -70,11 +71,16 @@ func (h *AuthHandlers) sessionsProc(req *request.AuthReq) error { continue } - if err = h.SessionManager.DeleteByID(req.Context(), s.id); err != nil { + if err = h.SessionManager.DeleteByID(ctx, s.id); err != nil { return err } } + err = h.TokenService.DeleteByUserID(ctx, req.AuthUser.User.ID) + if err != nil { + return err + } + t := translator(req, "auth") req.NewAlerts = append(req.NewAlerts, request.Alert{ Type: "primary", @@ -86,7 +92,7 @@ func (h *AuthHandlers) sessionsProc(req *request.AuthReq) error { continue } - if err = h.SessionManager.DeleteByID(req.Context(), s.id); err != nil { + if err = h.SessionManager.DeleteByID(ctx, s.id); err != nil { return err } }