restore auth for oauth revoke by id
parent
28a0e42213
commit
e8e1efdfc4
|
@ -121,7 +121,7 @@ final class OAuth(env: Env) extends LilaController(env) {
|
||||||
def tokenRevoke =
|
def tokenRevoke =
|
||||||
Scoped() { implicit req => _ =>
|
Scoped() { implicit req => _ =>
|
||||||
HTTPRequest.bearer(req) ?? { token =>
|
HTTPRequest.bearer(req) ?? { token =>
|
||||||
env.oAuth.tokenApi.revoke(AccessToken.Id.from(token)) inject NoContent
|
env.oAuth.tokenApi.revoke(token) inject NoContent
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
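Review bot: `tokenRevoke` discards the scoped user (`_ =>`) and revokes whatever bearer the request carries, but nothing in the handler says that possession of the bearer is the only authorization applied here. Since this commit splits revocation into a bearer path and an owner-checked id path, a short comment above the `HTTPRequest.bearer(req)` line would keep the two from being merged again by mistake: `// Self-revocation: the presented bearer is the token being revoked, so no user/ownership check is needed.` What the `??` fallback returns when no bearer is present is not visible in this hunk, so it is worth confirming that it is an explicit status rather than an empty default.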
@ -39,7 +39,7 @@ final class OAuthToken(env: Env) extends LilaController(env) {
|
||||||
}
|
}
|
||||||
|
|
||||||
def delete(id: String) =
|
def delete(id: String) =
|
||||||
Auth { _ => _ =>
|
Auth { _ => me =>
|
||||||
tokenApi.revoke(AccessToken.Id(id)) inject Redirect(routes.OAuthToken.index).flashSuccess
|
tokenApi.revokeById(AccessToken.Id(id), me) inject Redirect(routes.OAuthToken.index).flashSuccess
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
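Review bot: `delete` still redirects with `flashSuccess` whether or not `revokeById` removed anything, because the API returns `Funit` and the controller cannot tell a match from a miss. That is a reasonable choice, as it avoids confirming whether an id belonging to another account exists, but the intent should be written down next to the call: `// Ownership is enforced inside revokeById; an unknown or foreign id is a silent no-op.` A regression test that calls this action with another user's token id and asserts that the token survives would pin the fix this commit makes.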
@ -104,8 +104,15 @@ final class AccessTokenApi(coll: Coll, cacheApi: lila.memo.CacheApi, userRepo: U
|
||||||
} yield AccessTokenApi.Client(origin, usedAt, scopes)
|
} yield AccessTokenApi.Client(origin, usedAt, scopes)
|
||||||
}
|
}
|
||||||
|
|
||||||
def revoke(id: AccessToken.Id): Funit =
|
def revokeById(id: AccessToken.Id, user: User): Funit =
|
||||||
coll.delete.one($id(id)).map(_ => invalidateCached(id))
|
coll.delete
|
||||||
|
.one(
|
||||||
|
$doc(
|
||||||
|
F.id -> id,
|
||||||
|
F.userId -> user.id
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.map(_ => invalidateCached(id))
|
||||||
|
|
||||||
def revokeByClientOrigin(clientOrigin: String, user: User): Funit =
|
def revokeByClientOrigin(clientOrigin: String, user: User): Funit =
|
||||||
coll
|
coll
|
||||||
|
@ -130,6 +137,11 @@ final class AccessTokenApi(coll: Coll, cacheApi: lila.memo.CacheApi, userRepo: U
|
||||||
.map(_ => invalidate.flatMap(_.getAsOpt[AccessToken.Id](F.id)).foreach(invalidateCached))
|
.map(_ => invalidate.flatMap(_.getAsOpt[AccessToken.Id](F.id)).foreach(invalidateCached))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
def revoke(bearer: Bearer) = {
|
||||||
|
val id = AccessToken.Id.from(bearer)
|
||||||
|
coll.delete.one($id(id)).map(_ => invalidateCached(id))
|
||||||
|
}
|
||||||
|
|
||||||
def get(bearer: Bearer) = accessTokenCache.get(AccessToken.Id.from(bearer))
|
def get(bearer: Bearer) = accessTokenCache.get(AccessToken.Id.from(bearer))
|
||||||
|
|
||||||
private val accessTokenCache =
|
private val accessTokenCache =
|
||||||
|
|
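Review bot: In `revokeById` the `.map(_ => invalidateCached(id))` runs even when the `F.id`/`F.userId` filter matched nothing, so a request carrying an id the caller does not own still evicts that token's cache entry. The impact looks limited to an extra reload, but the invalidation can be tied to the delete result, for example `.map(res => if (res.n > 0) invalidateCached(id))`, assuming `invalidateCached` returns `Unit` as its use in `foreach` suggests. In the second hunk, `def revoke(bearer: Bearer) = {` has no declared result type while its siblings declare `: Funit`. Adding `: Funit` and a one-line Scaladoc stating that this path is deliberately not scoped to a user (the caller must hold the bearer) would make the contract explicit.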