2014-03-17 23:02:01 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
final class PhabricatorAuthTerminateSessionController
|
|
|
|
extends PhabricatorAuthController {
|
|
|
|
|
2015-08-02 01:49:27 +02:00
|
|
|
public function handleRequest(AphrontRequest $request) {
|
|
|
|
$viewer = $this->getViewer();
|
|
|
|
$id = $request->getURIData('id');
|
2014-03-17 23:02:01 +01:00
|
|
|
|
2015-08-02 01:49:27 +02:00
|
|
|
$is_all = ($id === 'all');
|
2014-03-17 23:02:01 +01:00
|
|
|
|
|
|
|
$query = id(new PhabricatorAuthSessionQuery())
|
|
|
|
->setViewer($viewer)
|
|
|
|
->withIdentityPHIDs(array($viewer->getPHID()));
|
|
|
|
if (!$is_all) {
|
2015-08-02 01:49:27 +02:00
|
|
|
$query->withIDs(array($id));
|
2014-03-17 23:02:01 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
$current_key = PhabricatorHash::digest(
|
|
|
|
$request->getCookie(PhabricatorCookies::COOKIE_SESSION));
|
|
|
|
|
|
|
|
$sessions = $query->execute();
|
|
|
|
foreach ($sessions as $key => $session) {
|
2015-09-02 00:52:44 +02:00
|
|
|
$is_current = phutil_hashes_are_identical(
|
|
|
|
$session->getSessionKey(),
|
|
|
|
$current_key);
|
|
|
|
if ($is_current) {
|
2014-03-17 23:02:01 +01:00
|
|
|
// Don't terminate the current login session.
|
|
|
|
unset($sessions[$key]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$panel_uri = '/settings/panel/sessions/';
|
|
|
|
|
|
|
|
if (!$sessions) {
|
2014-03-21 22:40:05 +01:00
|
|
|
return $this->newDialog()
|
2014-03-17 23:02:01 +01:00
|
|
|
->setTitle(pht('No Matching Sessions'))
|
|
|
|
->appendParagraph(
|
|
|
|
pht('There are no matching sessions to terminate.'))
|
|
|
|
->appendParagraph(
|
|
|
|
pht(
|
|
|
|
'(You can not terminate your current login session. To '.
|
|
|
|
'terminate it, log out.)'))
|
|
|
|
->addCancelButton($panel_uri);
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($request->isDialogFormPost()) {
|
|
|
|
foreach ($sessions as $session) {
|
|
|
|
$session->delete();
|
|
|
|
}
|
|
|
|
return id(new AphrontRedirectResponse())->setURI($panel_uri);
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($is_all) {
|
|
|
|
$title = pht('Terminate Sessions?');
|
2014-03-21 22:40:05 +01:00
|
|
|
$short = pht('Terminate Sessions');
|
2014-03-17 23:02:01 +01:00
|
|
|
$body = pht(
|
|
|
|
'Really terminate all sessions? (Your current login session will '.
|
|
|
|
'not be terminated.)');
|
|
|
|
} else {
|
|
|
|
$title = pht('Terminate Session?');
|
2014-03-21 22:40:05 +01:00
|
|
|
$short = pht('Terminate Session');
|
2014-03-17 23:02:01 +01:00
|
|
|
$body = pht(
|
|
|
|
'Really terminate session %s?',
|
|
|
|
phutil_tag('strong', array(), substr($session->getSessionKey(), 0, 6)));
|
|
|
|
}
|
|
|
|
|
2014-03-21 22:40:05 +01:00
|
|
|
return $this->newDialog()
|
2014-03-17 23:02:01 +01:00
|
|
|
->setTitle($title)
|
2014-03-21 22:40:05 +01:00
|
|
|
->setShortTitle($short)
|
2014-03-17 23:02:01 +01:00
|
|
|
->appendParagraph($body)
|
|
|
|
->addSubmitButton(pht('Terminate'))
|
|
|
|
->addCancelButton($panel_uri);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|