From 9392d1025085ad51d242e9df7a0d5acb244b9d92 Mon Sep 17 00:00:00 2001 From: Yamagishi Kazutoshi Date: Wed, 19 Jul 2017 11:59:04 +0900 Subject: [PATCH] Add feature to revoke sessions (#4259) --- app/controllers/settings/sessions_controller.rb | 17 +++++++++++++++++ .../auth/registrations/_sessions.html.haml | 4 ++++ config/locales/en.yml | 2 ++ config/routes.rb | 2 ++ 4 files changed, 25 insertions(+) create mode 100644 app/controllers/settings/sessions_controller.rb diff --git a/app/controllers/settings/sessions_controller.rb b/app/controllers/settings/sessions_controller.rb new file mode 100644 index 0000000000..0da1b027b8 --- /dev/null +++ b/app/controllers/settings/sessions_controller.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class Settings::SessionsController < ApplicationController + before_action :set_session, only: :destroy + + def destroy + @session.destroy! + flash[:notice] = I18n.t('sessions.revoke_success') + redirect_to edit_user_registration_path + end + + private + + def set_session + @session = current_user.session_activations.find(params[:id]) + end +end diff --git a/app/views/auth/registrations/_sessions.html.haml b/app/views/auth/registrations/_sessions.html.haml index 4521aad0a2..84207862ad 100644 --- a/app/views/auth/registrations/_sessions.html.haml +++ b/app/views/auth/registrations/_sessions.html.haml @@ -7,6 +7,7 @@ %th= t 'sessions.browser' %th= t 'sessions.ip' %th= t 'sessions.activity' + %td %tbody - @sessions.each do |session| %tr @@ -22,3 +23,6 @@ = t 'sessions.current_session' - else %time.time-ago{ datetime: session.updated_at.iso8601, title: l(session.updated_at) }= l(session.updated_at) + %td + - if request.session['auth_id'] != session.session_id + = table_link_to 'times', t('sessions.revoke'), settings_session_path(session), method: :delete diff --git a/config/locales/en.yml b/config/locales/en.yml index 4cb536223e..ff02226ac6 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -397,6 +397,8 @@ en: windows: Windows windows_mobile: Windows Mobile windows_phone: Windows Phone + revoke: Revoke + revoke_success: Session successfully revoked title: Sessions settings: authorized_apps: Authorized apps diff --git a/config/routes.rb b/config/routes.rb index 60234a9e6a..2aa89f16df 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -74,6 +74,8 @@ Rails.application.routes.draw do resource :follower_domains, only: [:show, :update] resource :delete, only: [:show, :destroy] + + resources :sessions, only: [:destroy] end resources :media, only: [:show]