misuzu/public-legacy/settings/sessions.php

61 lines
1.7 KiB
PHP
Raw Permalink Normal View History

2022-09-13 13:14:49 +00:00
<?php
namespace Misuzu;
use RuntimeException;
2022-09-13 13:14:49 +00:00
if(!$msz->isLoggedIn()) {
2022-09-13 13:14:49 +00:00
echo render_error(401);
return;
}
$errors = [];
2023-07-28 20:06:12 +00:00
$sessions = $msz->getSessions();
$currentUser = $msz->getActiveUser();
2023-07-28 20:06:12 +00:00
$activeSessionToken = $authToken->getSessionToken();
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$sessionId = (string)filter_input(INPUT_POST, 'session');
$activeSessionKilled = false;
if($sessionId === 'all') {
$activeSessionKilled = true;
$sessions->deleteSessions(userInfos: $currentUser);
$msz->createAuditLog('PERSONAL_SESSION_DESTROY_ALL');
2023-07-28 20:06:12 +00:00
} else {
try {
$sessionInfo = $sessions->getSession(sessionId: $sessionId);
} catch(RuntimeException $ex) {}
if(empty($sessionInfo) || $sessionInfo->getUserId() !== $currentUser->getId()) {
2023-07-28 20:06:12 +00:00
$errors[] = "That session doesn't exist.";
break;
}
$activeSessionKilled = $sessionInfo->getToken() === $activeSessionToken;
$sessions->deleteSessions(sessionInfos: $sessionInfo);
$msz->createAuditLog('PERSONAL_SESSION_DESTROY', [$sessionInfo->getId()]);
2022-09-13 13:14:49 +00:00
}
2023-07-28 20:06:12 +00:00
if($activeSessionKilled) {
2022-09-13 13:14:49 +00:00
url_redirect('index');
return;
2023-07-28 20:06:12 +00:00
} else break;
2022-09-13 13:14:49 +00:00
}
2023-07-28 20:06:12 +00:00
$pagination = new Pagination($sessions->countSessions(userInfo: $currentUser), 10);
$sessionList = [];
$sessionInfos = $sessions->getSessions(userInfo: $currentUser, pagination: $pagination);
foreach($sessionInfos as $sessionInfo)
$sessionList[] = [
'info' => $sessionInfo,
'active' => $sessionInfo->getToken() === $activeSessionToken,
];
2022-09-13 13:14:49 +00:00
Template::render('settings.sessions', [
'errors' => $errors,
2023-07-28 20:06:12 +00:00
'session_list' => $sessionList,
2022-09-13 13:14:49 +00:00
'session_pagination' => $pagination,
]);