invalidate cached client tokens

Niklas Fiekas 2021-06-20 00:16:41 +02:00
parent 438c43d29f
commit a2e63d82bd
3 changed files with 30 additions and 12 deletions


@ -105,8 +105,13 @@ final class OAuth(env: Env) extends LilaController(env) {
revokeClientForm
.bindFromRequest()
.fold(
_ => funit,
origin => env.oAuth.tokenApi.revokeByClientOrigin(origin, me) // TODO: also remove from token cache
_ => BadRequest.fuccess,
origin =>
env.oAuth.tokenApi.revokeByClientOrigin(origin, me) map {
_ foreach { token =>
env.oAuth.server.deleteCached(token)
}
} inject NoContent
)
}
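Review bot: The cache eviction on line 21 only covers the ids that `revokeByClientOrigin` returns, and in this same commit that list is capped by `.list(100)` (sorted by `usedAt` desc) while the delete is unbounded; a client origin holding more than 100 tokens has them all removed from the collection but only the 100 most recently used evicted from the server cache, so the rest remain accepted until their cache entry expires on its own. The fix belongs in `AccessTokenApi.revokeByClientOrigin`: fetch the ids without a cap, or delete in batches that match the fetch, so that every deleted token is also evicted. Separately, `foreach` on line 20 discards whatever `deleteCached` returns; if that call is asynchronous (not visible here), `NoContent` on line 23 is sent before eviction completes and any eviction failure is lost, in which case the evictions should be sequenced and flatMapped ahead of `inject NoContent`. The enclosing controller action starts before this hunk.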


@ -22,7 +22,7 @@ object security {
account.layout(title = s"${u.username} - ${trans.security.txt()}", active = "security") {
div(cls := "account security")(
div(cls := "box")(
h1(trans.sessions()),
h1(trans.security()),
standardFlash(cls := "box__pad"),
div(cls := "box__pad")(
p(


@ -79,16 +79,29 @@ final class AccessTokenApi(colls: OauthColls)(implicit ec: scala.concurrent.Exec
} yield AccessTokenApi.Client(origin, usedAt, scopes)
}
def revokeByClientOrigin(clientOrigin: String, user: User): Funit =
colls.token {
_.delete
def revokeByClientOrigin(clientOrigin: String, user: User): Fu[List[AccessToken.Id]] =
colls.token { coll =>
coll
.find(
$doc(
F.userId -> user.id,
F.clientOrigin -> clientOrigin
),
$doc(F.id -> 1).some
)
.sort($sort desc F.usedAt)
.cursor[Bdoc]()
.list(100)
.flatMap { invalidate =>
coll.delete
.one(
$doc(
F.userId -> user.id,
F.clientOrigin -> clientOrigin
)
)
.void
.inject(invalidate.flatMap(_.getAsOpt[AccessToken.Id](F.id)))
}
}
def revokeByPublicId(publicId: String, user: User): Fu[Option[AccessToken]] =