From c2c6a24b29af855bfca3ca8ee18ad6fa3f4094a1 Mon Sep 17 00:00:00 2001 From: Pierre HUBERT Date: Mon, 13 Jul 2020 11:56:49 +0200 Subject: [PATCH] Can disconnect a user from all its devices --- src/controllers/account_controller.rs | 7 +++++++ src/controllers/routes.rs | 1 + src/helpers/account_helper.rs | 7 +++++++ 3 files changed, 15 insertions(+) diff --git a/src/controllers/account_controller.rs b/src/controllers/account_controller.rs index 59a27dd..f6982b1 100644 --- a/src/controllers/account_controller.rs +++ b/src/controllers/account_controller.rs @@ -41,6 +41,13 @@ pub fn logout_user(request: &mut HttpRequestHandler) -> RequestResult { request.success("User disconnected.") } +/// Disconnect a user from all his devices +pub fn disconnect_all_devices(r: &mut HttpRequestHandler) -> RequestResult { + account_helper::destroy_all_user_tokens(r.user_id_ref()?)?; + + r.success("Successfully disconnected!") +} + /// Get current user ID pub fn user_id(request: &mut HttpRequestHandler) -> RequestResult { request.set_response(CurrentUserID::new(&request.user_id()?)) diff --git a/src/controllers/routes.rs b/src/controllers/routes.rs index 67b0d46..fd380a6 100644 --- a/src/controllers/routes.rs +++ b/src/controllers/routes.rs @@ -71,6 +71,7 @@ pub fn get_routes() -> Vec { Route::post_without_login("/user/connectUSER", Box::new(account_controller::login_user)), Route::post("/account/logout", Box::new(account_controller::logout_user)), Route::post("/user/disconnectUSER", Box::new(account_controller::logout_user)), + Route::post("/account/disconnect_all_devices", Box::new(account_controller::disconnect_all_devices)), Route::post("/account/id", Box::new(account_controller::user_id)), Route::post("/user/getCurrentUserID", Box::new(account_controller::user_id)), diff --git a/src/helpers/account_helper.rs b/src/helpers/account_helper.rs index 5482919..e8257bd 100644 --- a/src/helpers/account_helper.rs +++ b/src/helpers/account_helper.rs @@ -87,6 +87,13 @@ pub fn destroy_login_tokens(id: &UserID, client: &APIClient) -> ResultBoxError<( Ok(()) } +/// Destroy all login tokens of a user +pub fn destroy_all_user_tokens(id: &UserID) -> ResultBoxError { + database::DeleteQuery::new(USER_ACCESS_TOKENS_TABLE) + .cond_user_id("user_id", id) + .exec() +} + /// Check out whether a virtual directory is taken by a user or not pub fn check_user_directory_availability(dir: &str, user_id: Option) -> ResultBoxError { let found_user = user_helper::find_user_by_virtual_directory(dir);