about summary refs log tree commit diff
path: root/app
diff options
context:
space:
mode:
authorYamagishi Kazutoshi <ykzts@desire.sh>2017-07-19 11:59:04 +0900
committerEugen Rochko <eugen@zeonfederated.com>2017-07-19 04:59:04 +0200
commit716f4cb11c0a1cafd4def7beeba5c938abe56fc5 (patch)
tree39fc660ad10318fc4b2ec88c3a9b752d0a3e3001 /app
parenta5a07da8926589647160ac642a8e082bbeca4451 (diff)
Add feature to revoke sessions (#4259)
Diffstat (limited to 'app')
-rw-r--r--app/controllers/settings/sessions_controller.rb17
-rw-r--r--app/views/auth/registrations/_sessions.html.haml4
2 files changed, 21 insertions, 0 deletions
diff --git a/app/controllers/settings/sessions_controller.rb b/app/controllers/settings/sessions_controller.rb
new file mode 100644
index 000000000..0da1b027b
--- /dev/null
+++ b/app/controllers/settings/sessions_controller.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class Settings::SessionsController < ApplicationController
+  before_action :set_session, only: :destroy
+
+  def destroy
+    @session.destroy!
+    flash[:notice] = I18n.t('sessions.revoke_success')
+    redirect_to edit_user_registration_path
+  end
+
+  private
+
+  def set_session
+    @session = current_user.session_activations.find(params[:id])
+  end
+end
diff --git a/app/views/auth/registrations/_sessions.html.haml b/app/views/auth/registrations/_sessions.html.haml
index 4521aad0a..84207862a 100644
--- a/app/views/auth/registrations/_sessions.html.haml
+++ b/app/views/auth/registrations/_sessions.html.haml
@@ -7,6 +7,7 @@
       %th= t 'sessions.browser'
       %th= t 'sessions.ip'
       %th= t 'sessions.activity'
+      %td
   %tbody
     - @sessions.each do |session|
       %tr
@@ -22,3 +23,6 @@
             = t 'sessions.current_session'
           - else
             %time.time-ago{ datetime: session.updated_at.iso8601, title: l(session.updated_at) }= l(session.updated_at)
+        %td
+          - if request.session['auth_id'] != session.session_id
+            = table_link_to 'times', t('sessions.revoke'), settings_session_path(session), method: :delete