From 1e35f0e7e30d2eeda8b801edc833de46a7b3b48e Mon Sep 17 00:00:00 2001
From: James Cole
Date: Sat, 27 Jun 2020 15:42:18 +0200
Subject: [PATCH] You can logout other sessions.
---
 app/Http/Controllers/ProfileController.php | 32 +++++++++++++++++
 app/Http/Kernel.php | 2 ++
 resources/lang/en_US/breadcrumbs.php | 1 +
 resources/lang/en_US/firefly.php | 2 ++
 resources/views/v1/profile/index.twig | 2 ++
 .../v1/profile/logout-other-sessions.twig | 35 +++++++++++++++++++
 routes/breadcrumbs.php | 8 +++++
 routes/web.php | 3 ++
 8 files changed, 85 insertions(+)
 create mode 100644 resources/views/v1/profile/logout-other-sessions.twig
diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php
index 164b7fc344..9511699d03 100644
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -86,6 +86,38 @@ class ProfileController extends Controller
 $this->middleware(IsDemoUser::class)->except(['index']);
 }
+ /**
+ *
+ */
+ public function logoutOtherSessions()
+ {
+ //
+ return view('profile.logout-other-sessions');
+ }
+
+ /**
+ * @param Request $request
+ *
+ * @return \Illuminate\Contracts\Foundation\Application|RedirectResponse|Redirector
+ */
+ public function postLogoutOtherSessions(Request $request)
+ {
+ $creds = [
+ 'email' => auth()->user()->email,
+ 'password' => $request->get('password'),
+ ];
+ if (Auth::once($creds)) {
+ Auth::logoutOtherDevices($request->get('password'));
+ session()->flash('info', (string) trans('firefly.other_sessions_logged_out'));
+
+ return redirect(route('profile.index'));
+ }
+ session()->flash('error', (string) trans('auth.failed'));
+
+ return redirect(route('profile.index'));
+
+ }
+
 /**
 * Change your email address.
 *
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index d84cf3d709..b225877efd 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
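Review bot: `postLogoutOtherSessions()` checks the submitted password with `Auth::once($creds)` on every POST, and neither this hunk nor the new `logout-others` POST route in routes/web.php shows a limit on attempts, so anyone holding a live session can keep testing candidate passwords for the account. An attempt limit on that route would bound this, for example `'middleware' => 'throttle:5,1'` in the route array, assuming the `throttle` alias is registered (Kernel.php imports `ThrottleRequests`; the alias map is not visible here). The password is also read twice through `$request->get('password')` without validation; `$request->validate(['password' => 'required|string']);` as the first statement would give an empty field its own error instead of `auth.failed`. On the documentation side, the empty docblock and bare `//` in `logoutOtherSessions()` could become a one-line description, and the POST handler's `@return` lists `\Illuminate\Contracts\Foundation\Application`, which it never returns.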
@@ -44,6 +44,7 @@ use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
 use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
 use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
 use Illuminate\Routing\Middleware\ThrottleRequests;
+use Illuminate\Session\Middleware\AuthenticateSession;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
 use Laravel\Passport\Http\Middleware\CreateFreshApiToken;
 use PragmaRX\Google2FALaravel\Middleware as MFAMiddleware;
@@ -90,6 +91,7 @@ class Kernel extends HttpKernel
 ShareErrorsFromSession::class,
 VerifyCsrfToken::class,
 CreateFreshApiToken::class,
+ AuthenticateSession::class,
 ],
 // only the basic variable binders.
diff --git a/resources/lang/en_US/breadcrumbs.php b/resources/lang/en_US/breadcrumbs.php
index e119539507..cc494bd2a0 100644
--- a/resources/lang/en_US/breadcrumbs.php
+++ b/resources/lang/en_US/breadcrumbs.php
@@ -61,4 +61,5 @@ return [
 'telemetry_view' => 'View telemetry',
 'edit_object_group' => 'Edit group ":title"',
 'delete_object_group' => 'Delete group ":title"',
+ 'logout_others' => 'Logout other sessions'
 ];
diff --git a/resources/lang/en_US/firefly.php b/resources/lang/en_US/firefly.php
index cc89626612..fe872f4a26 100644
--- a/resources/lang/en_US/firefly.php
+++ b/resources/lang/en_US/firefly.php
@@ -618,6 +618,7 @@ return [
 // profile:
 'permanent_delete_stuff' => 'Be careful with these buttons. Deleting stuff is permanent.',
+ 'other_sessions_logged_out' => 'All other sessions have been invalidated.',
 'delete_all_budgets' => 'Delete ALL your budgets',
 'delete_all_categories' => 'Delete ALL your categories',
 'delete_all_tags' => 'Delete ALL your tags',
@@ -1138,6 +1139,7 @@ return [
 'currency' => 'Currency',
 'preferences' => 'Preferences',
 'logout' => 'Logout',
+ 'logout_other_sessions' => 'Logout all other sessions',
 'toggleNavigation' => 'Toggle navigation',
 'searchPlaceholder' => 'Search...',
 'version' => 'Version',
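Review bot: `AuthenticateSession::class` is appended to only one middleware group in the second app/Http/Kernel.php hunk, and `Auth::logoutOtherDevices()` has an effect only on requests that pass through that middleware, since it is the part that compares the password hash kept in the session with the user's current one. If session-authenticated pages are also served through other groups defined in this file (they are outside the hunk), sessions using those routes would stay valid after "logout other sessions", so it is worth confirming that every such route includes the group changed here. A comment on the new entry, such as `// required by Auth::logoutOtherDevices(): ends sessions whose stored password hash no longer matches`, would keep it from being dropped in a later cleanup. The middleware group array starts and ends outside the hunk.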
diff --git a/resources/views/v1/profile/index.twig b/resources/views/v1/profile/index.twig index ba6768dcd5..b6b54cb67e 100644 --- a/resources/views/v1/profile/index.twig +++ b/resources/views/v1/profile/index.twig @@ -22,6 +22,8 @@ diff --git a/resources/views/v1/profile/logout-other-sessions.twig b/resources/views/v1/profile/logout-other-sessions.twig new file mode 100644 index 0000000000..1dbc5fddb9 --- /dev/null +++ b/resources/views/v1/profile/logout-other-sessions.twig @@ -0,0 +1,35 @@ +{% extends "./layout/default" %} + +{% block breadcrumbs %} + {{ Breadcrumbs.render(Route.getCurrentRoute.getName) }} +{% endblock %} + +{% block content %} +
+ + +
+
+
+
+

{{ 'logout_other_sessions'|_ }}

+
+
+
+ + +
+ +
+
+
+ +
+
+
+
+ {% include 'partials.password-modal' %} +{% endblock %} diff --git a/routes/breadcrumbs.php b/routes/breadcrumbs.php index 925acccb50..76cbc0ffd3 100644 --- a/routes/breadcrumbs.php +++ b/routes/breadcrumbs.php @@ -670,6 +670,14 @@ try { } ); + Breadcrumbs::register( + 'profile.logout-others', + static function (BreadcrumbsGenerator $breadcrumbs) { + $breadcrumbs->parent('home'); + $breadcrumbs->push(trans('breadcrumbs.logout_others'), route('profile.logout-others')); + } + ); + // PROFILE Breadcrumbs::register( 'profile.index', diff --git a/routes/web.php b/routes/web.php index d70f0c91a5..bc95d12e86 100644 --- a/routes/web.php +++ b/routes/web.php @@ -716,6 +716,9 @@ Route::group( Route::post('change-email', ['uses' => 'ProfileController@postChangeEmail', 'as' => 'change-email.post']); Route::post('regenerate', ['uses' => 'ProfileController@regenerate', 'as' => 'regenerate']); + Route::get('logout-others', ['uses' => 'ProfileController@logoutOtherSessions', 'as' => 'logout-others']); + Route::post('logout-others', ['uses' => 'ProfileController@postLogoutOtherSessions', 'as' => 'logout-others.post']); + // new 2FA routes Route::post('enable2FA', ['uses' => 'ProfileController@enable2FA', 'as' => 'enable2FA']); Route::get('2fa/code', ['uses' => 'ProfileController@code', 'as' => 'code']);