1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-10 23:01:04 +01:00

Add a bin/auth revoke revoker for sessions

Summary: Ref T13043. Allows CLI revocation of login sessions.

Test Plan: Used `bin/auth revoke --type session` with `--from` and `--everywhere` to revoke sessions. Saw accounts get logged out in web UI.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13043

Differential Revision: https://secure.phabricator.com/D18892
This commit is contained in:
epriestley 2018-01-20 08:59:52 -08:00
parent 7970cf0585
commit 39c3b10a2f
2 changed files with 35 additions and 0 deletions

View file

@ -2126,6 +2126,7 @@ phutil_register_library_map(array(
'PhabricatorAuthSessionGarbageCollector' => 'applications/auth/garbagecollector/PhabricatorAuthSessionGarbageCollector.php',
'PhabricatorAuthSessionInfo' => 'applications/auth/data/PhabricatorAuthSessionInfo.php',
'PhabricatorAuthSessionQuery' => 'applications/auth/query/PhabricatorAuthSessionQuery.php',
'PhabricatorAuthSessionRevoker' => 'applications/auth/revoker/PhabricatorAuthSessionRevoker.php',
'PhabricatorAuthSetPasswordController' => 'applications/auth/controller/PhabricatorAuthSetPasswordController.php',
'PhabricatorAuthSetupCheck' => 'applications/config/check/PhabricatorAuthSetupCheck.php',
'PhabricatorAuthStartController' => 'applications/auth/controller/PhabricatorAuthStartController.php',
@ -7413,6 +7414,7 @@ phutil_register_library_map(array(
'PhabricatorAuthSessionGarbageCollector' => 'PhabricatorGarbageCollector',
'PhabricatorAuthSessionInfo' => 'Phobject',
'PhabricatorAuthSessionQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
'PhabricatorAuthSessionRevoker' => 'PhabricatorAuthRevoker',
'PhabricatorAuthSetPasswordController' => 'PhabricatorAuthController',
'PhabricatorAuthSetupCheck' => 'PhabricatorSetupCheck',
'PhabricatorAuthStartController' => 'PhabricatorAuthController',

View file

@ -0,0 +1,33 @@
<?php
final class PhabricatorAuthSessionRevoker
extends PhabricatorAuthRevoker {
const REVOKERKEY = 'session';
public function revokeAllCredentials() {
$table = new PhabricatorAuthSession();
$conn = $table->establishConnection('w');
queryfx(
$conn,
'DELETE FROM %T',
$table->getTableName());
return $conn->getAffectedRows();
}
public function revokeCredentialsFrom($object) {
$table = new PhabricatorAuthSession();
$conn = $table->establishConnection('w');
queryfx(
$conn,
'DELETE FROM %T WHERE userPHID = %s',
$table->getTableName(),
$object->getPHID());
return $conn->getAffectedRows();
}
}