Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-07 06:25:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

closes #4544

Browse Source
This commit is contained in:
barisusakli
2016-12-15 14:47:42 +03:00
parent 9d75c48236
commit 55b68197aa
5 changed files with 75 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
public/src/admin/settings/cookies.js
View File

@@ -9,6 +9,16 @@ define('admin/settings/cookies', [
Module.init = function () {
colorpicker.enable($('[data-colorpicker="1"]'));
$('#delete-all-sessions').on('click', function () {
socket.emit('admin.deleteAllSessions', function (err) {
if (err) {
return app.alertError(err.message);
}
window.location.href = config.relative_path + '/login';
});
return false;
});
};
return Module;

5
src/socket.io/admin.js
View File

@@ -3,7 +3,6 @@
var async = require('async');
var winston = require('winston');
var nconf = require('nconf');
var path = require('path');
var meta = require('../meta');
var plugins = require('../plugins');
@@ -285,5 +284,9 @@ SocketAdmin.getSearchDict = function (socket, data, callback) {
});
};
SocketAdmin.deleteAllSessions = function (socket, data, callback) {
user.auth.deleteAllSessions(callback);
};
module.exports = SocketAdmin;

33
src/user/auth.js
View File

@@ -5,6 +5,7 @@ var winston = require('winston');
var db = require('../database');
var meta = require('../meta');
var events = require('../events');
var batch = require('../batch');
module.exports = function (User) {
User.auth = {};
@@ -142,4 +143,36 @@ module.exports = function (User) {
}
], callback);
};
User.auth.deleteAllSessions = function (callback) {
var _ = require('underscore');
batch.processSortedSet('users:joindate', function (uids, next) {
var sessionKeys = uids.map(function (uid) {
return 'uid:' + uid + ':sessions';
});
var sessionUUIDKeys = uids.map(function (uid) {
return 'uid:' + uid + ':sessionUUID:sessionId';
});
async.waterfall([
function (next) {
db.getSortedSetRange(sessionKeys, 0, -1, next);
},
function (sids, next) {
sids = _.flatten(sids);
async.parallel([
async.apply(db.deleteAll, sessionUUIDKeys),
async.apply(db.deleteAll, sessionKeys),
function (next) {
async.each(sids, function (sid, next) {
db.sessionStore.destroy(sid, next);
}, next);
}
], next);
}
], next);
}, {batch: 1000}, callback);
};
};

7
src/views/admin/settings/cookies.tpl
View File

@@ -48,6 +48,13 @@
Leave blank for default
</p>
</div>
<div class="form-group">
<button id="delete-all-sessions" class="btn btn-danger">Revoke All Sessions</button>
<p class="help-block">
This will delete all sessions, you will be logged out and will have to login again!
</p>
</div>
</form>
</div>
</div>

24
test/authentication.js
View File

@@ -10,10 +10,11 @@ var user = require('../src/user');
describe('authentication', function () {
var jar = request.jar();
var regularUid;
before(function (done) {
user.create({username: 'regular', password: 'regularpwd', email: 'regular@nodebb.org' }, function (err) {
user.create({username: 'regular', password: 'regularpwd', email: 'regular@nodebb.org' }, function (err, uid) {
assert.ifError(err);
regularUid = uid;
done();
});
});
@@ -71,7 +72,7 @@ describe('authentication', function () {
headers: {
'x-csrf-token': body.csrf_token
}
}, function (err, response, body) {
}, function (err) {
assert.ifError(err);
request({
@@ -125,6 +126,23 @@ describe('authentication', function () {
});
});
it('should revoke all sessions', function (done) {
var socketAdmin = require('../src/socket.io/admin');
db.sortedSetCard('uid:' + regularUid + ':sessions', function (err, count) {
assert.ifError(err);
assert(count);
socketAdmin.deleteAllSessions({uid: 1}, {}, function (err) {
assert.ifError(err);
db.sortedSetCard('uid:' + regularUid + ':sessions', function (err, count) {
assert.ifError(err);
assert(!count);
done();
});
});
});
});
after(function (done) {
db.emptydb(done);