authorYamagishi Kazutoshi <ykzts@desire.sh>2017-07-19 11:59:04 +0900
committerEugen Rochko <eugen@zeonfederated.com>2017-07-19 04:59:04 +0200
commit716f4cb11c0a1cafd4def7beeba5c938abe56fc5 (patch)
tree39fc660ad10318fc4b2ec88c3a9b752d0a3e3001
parenta5a07da8926589647160ac642a8e082bbeca4451 (diff)
Add feature to revoke sessions (#4259)
-rw-r--r--app/controllers/settings/sessions_controller.rb17
-rw-r--r--app/views/auth/registrations/_sessions.html.haml4
-rw-r--r--config/locales/en.yml2
-rw-r--r--config/routes.rb2
4 files changed, 25 insertions, 0 deletions
diff --git a/app/controllers/settings/sessions_controller.rb b/app/controllers/settings/sessions_controller.rb
new file mode 100644
index 000000000..0da1b027b
--- /dev/null
+++ b/app/controllers/settings/sessions_controller.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class Settings::SessionsController < ApplicationController
+  before_action :set_session, only: :destroy
+
+  def destroy
+    @session.destroy!
+    flash[:notice] = I18n.t('sessions.revoke_success')
+    redirect_to edit_user_registration_path
+  end
+
+  private
+
+  def set_session
+    @session = current_user.session_activations.find(params[:id])
+  end
+end
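Review bot: Nothing in this controller requires a signed-in user before `set_session` runs, so an unauthenticated DELETE would call `session_activations` on a nil `current_user` and fail with a NoMethodError instead of redirecting to login. That holds unless `ApplicationController`, which is not shown here, already enforces authentication. I would add `before_action :authenticate_user!` above the existing `before_action :set_session, only: :destroy`. Scoping the lookup through `current_user.session_activations` is what stops one user from revoking another user's session by id, so a short comment on `set_session` saying so would help keep it from being simplified to a global `find` later.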
diff --git a/app/views/auth/registrations/_sessions.html.haml b/app/views/auth/registrations/_sessions.html.haml
index 4521aad0a..84207862a 100644
--- a/app/views/auth/registrations/_sessions.html.haml
+++ b/app/views/auth/registrations/_sessions.html.haml
@@ -7,6 +7,7 @@
       %th= t 'sessions.browser'
       %th= t 'sessions.ip'
       %th= t 'sessions.activity'
+      %td
   %tbody
     - @sessions.each do |session|
       %tr
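Review bot: The new cell in the header row is written as `%td` while its siblings are all `%th`, so the header mixes cell types. Using `%th` for the empty action column keeps the header row consistent for styling and for assistive technology. The table's opening lines are outside this hunk.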
@@ -22,3 +23,6 @@
             = t 'sessions.current_session'
           - else
             %time.time-ago{ datetime: session.updated_at.iso8601, title: l(session.updated_at) }= l(session.updated_at)
+        %td
+          - if request.session['auth_id'] != session.session_id
+            = table_link_to 'times', t('sessions.revoke'), settings_session_path(session), method: :delete
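Review bot: The check `request.session['auth_id'] != session.session_id` only hides the revoke link for the current session; it is a display rule and not an enforcement point. The `destroy` action added in this commit accepts any session activation id belonging to the user, including the current one. If revoking the session in use is meant to be disallowed, that rule belongs in the controller as well. If it is acceptable, a comment above the condition such as `-# current session is revoked by logging out, so no link is shown here` would make the intent clear.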
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 4cb536223..ff02226ac 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -397,6 +397,8 @@ en:
       windows: Windows
       windows_mobile: Windows Mobile
       windows_phone: Windows Phone
+    revoke: Revoke
+    revoke_success: Session successfully revoked
     title: Sessions
   settings:
     authorized_apps: Authorized apps
diff --git a/config/routes.rb b/config/routes.rb
index 60234a9e6..2aa89f16d 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -74,6 +74,8 @@ Rails.application.routes.draw do
 
     resource :follower_domains, only: [:show, :update]
     resource :delete, only: [:show, :destroy]
+
+    resources :sessions, only: [:destroy]
   end
 
   resources :media, only: [:show]