]> cat aescling's git repositories - mastodon.git/commitdiff
cat aescling's git repositories / mastodon.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a5a07da)
Add feature to revoke sessions (#4259)
authorYamagishi Kazutoshi <ykzts@desire.sh>
Wed, 19 Jul 2017 02:59:04 +0000 (11:59 +0900)
committerEugen Rochko <eugen@zeonfederated.com>
Wed, 19 Jul 2017 02:59:04 +0000 (04:59 +0200)
app/controllers/settings/sessions_controller.rb [new file with mode: 0644] patch | blob
app/views/auth/registrations/_sessions.html.haml patch | blob | history
config/locales/en.yml patch | blob | history
config/routes.rb patch | blob | history

diff --git a/app/controllers/settings/sessions_controller.rb b/app/controllers/settings/sessions_controller.rb
new file mode 100644 (file)
index 0000000..0da1b02
--- /dev/null
+++ b/app/controllers/settings/sessions_controller.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class Settings::SessionsController < ApplicationController
+  before_action :set_session, only: :destroy
+
+  def destroy
+    @session.destroy!
+    flash[:notice] = I18n.t('sessions.revoke_success')
+    redirect_to edit_user_registration_path
+  end
+
+  private
+
+  def set_session
+    @session = current_user.session_activations.find(params[:id])
+  end
+end
diff --git a/app/views/auth/registrations/_sessions.html.haml b/app/views/auth/registrations/_sessions.html.haml
index 4521aad0a2bec4fdf119d0022ef6e612843ff0b3..84207862ad5dd39e2488782550d9ca5d73afba05 100644 (file)
--- a/app/views/auth/registrations/_sessions.html.haml
+++ b/app/views/auth/registrations/_sessions.html.haml
@@ -7,6 +7,7 @@
       %th= t 'sessions.browser'
       %th= t 'sessions.ip'
       %th= t 'sessions.activity'
+      %td
   %tbody
     - @sessions.each do |session|
       %tr
@@ -22,3 +23,6 @@
             = t 'sessions.current_session'
           - else
             %time.time-ago{ datetime: session.updated_at.iso8601, title: l(session.updated_at) }= l(session.updated_at)
+        %td
+          - if request.session['auth_id'] != session.session_id
+            = table_link_to 'times', t('sessions.revoke'), settings_session_path(session), method: :delete
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 4cb536223e32a67bec04ab338729c81091bb29c7..ff02226ac67eda96a7c073e86896a26c85ec3414 100644 (file)
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -397,6 +397,8 @@ en:
       windows: Windows
       windows_mobile: Windows Mobile
       windows_phone: Windows Phone
+    revoke: Revoke
+    revoke_success: Session successfully revoked
     title: Sessions
   settings:
     authorized_apps: Authorized apps
diff --git a/config/routes.rb b/config/routes.rb
index 60234a9e6a4b7cc0d1ce21613133ecf735acd4b8..2aa89f16dfb48e48040b97632f20e38f07a2fd79 100644 (file)
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -74,6 +74,8 @@ Rails.application.routes.draw do
 
     resource :follower_domains, only: [:show, :update]
     resource :delete, only: [:show, :destroy]
+
+    resources :sessions, only: [:destroy]
   end
 
   resources :media, only: [:show]
source code fur Kibicat Mastodon