flashii/misuzu
flashii/misuzu
1
1
Fork 0
Code Issues Pull requests Releases 163 Wiki Activity Actions
misuzu/public-legacy/settings/sessions.php

60 lines
1.9 KiB
PHP
Raw Permalink Blame History

<?php
namespace Misuzu;
use RuntimeException;
if(!isset($msz) || !($msz instanceof \Misuzu\MisuzuContext))
die('Script must be called through the Misuzu route dispatcher.');
if(!$msz->authInfo->isLoggedIn)
Template::throwError(401);
$errors = [];
$currentUser = $msz->authInfo->userInfo;
$activeSessionId = $msz->authInfo->sessionId;
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
$sessionId = (string)filter_input(INPUT_POST, 'session');
$activeSessionKilled = false;
if($sessionId === 'all') {
$activeSessionKilled = true;
$msz->authCtx->sessions->deleteSessions(userInfos: $currentUser);
$msz->createAuditLog('PERSONAL_SESSION_DESTROY_ALL');
} else {
try {
$sessionInfo = $msz->authCtx->sessions->getSession(sessionId: $sessionId);
} catch(RuntimeException $ex) {}
if(empty($sessionInfo) || $sessionInfo->userId !== $currentUser->id) {
$errors[] = "That session doesn't exist.";
break;
}
$activeSessionKilled = $sessionInfo->id === $activeSessionId;
$msz->authCtx->sessions->deleteSessions(sessionInfos: $sessionInfo);
$msz->createAuditLog('PERSONAL_SESSION_DESTROY', [$sessionInfo->id]);
}
if($activeSessionKilled) {
Tools::redirect($msz->urls->format('index'));
return;
} else break;
}
$pagination = Pagination::fromInput($msz->authCtx->sessions->countSessions(userInfo: $currentUser), 10);
$sessionList = [];
$sessionInfos = $msz->authCtx->sessions->getSessions(userInfo: $currentUser, pagination: $pagination);
foreach($sessionInfos as $sessionInfo)
$sessionList[] = [
'info' => $sessionInfo,
'active' => $sessionInfo->id === $activeSessionId,
];
Template::render('settings.sessions', [
'errors' => $errors,
'session_list' => $sessionList,
'session_pagination' => $pagination,
]);
Reference in a new issue View git blame Copy permalink