On password change or account deletion, disconnect all user sessions
This commit is contained in:
parent
c836980e06
commit
0458acc6c9
30
api/users.go
30
api/users.go
|
@ -316,13 +316,26 @@ func changePassword(opts *config.Options, req *RequestResources, body io.Reader)
|
|||
}
|
||||
}
|
||||
|
||||
if err := storage.MainStore.UpdateUser(req.User); err != nil {
|
||||
var sessions []*happydns.Session
|
||||
var err error
|
||||
if sessions, err = storage.MainStore.GetUserSessions(req.User); err != nil {
|
||||
return APIErrorResponse{
|
||||
err: err,
|
||||
}
|
||||
}
|
||||
|
||||
if err = storage.MainStore.UpdateUser(req.User); err != nil {
|
||||
return APIErrorResponse{
|
||||
err: err,
|
||||
}
|
||||
}
|
||||
|
||||
log.Printf("Change password for user %s", req.User.Email)
|
||||
|
||||
for _, session := range sessions {
|
||||
storage.MainStore.DeleteSession(session)
|
||||
}
|
||||
|
||||
return logout(opts, req.Ps, body)
|
||||
}
|
||||
|
||||
|
@ -341,13 +354,26 @@ func deleteUser(opts *config.Options, req *RequestResources, body io.Reader) Res
|
|||
}
|
||||
}
|
||||
|
||||
if err := storage.MainStore.DeleteUser(req.User); err != nil {
|
||||
var sessions []*happydns.Session
|
||||
var err error
|
||||
if sessions, err = storage.MainStore.GetUserSessions(req.User); err != nil {
|
||||
return APIErrorResponse{
|
||||
err: err,
|
||||
}
|
||||
}
|
||||
|
||||
if err = storage.MainStore.DeleteUser(req.User); err != nil {
|
||||
return APIErrorResponse{
|
||||
err: err,
|
||||
}
|
||||
}
|
||||
|
||||
log.Printf("User deleted: %s", req.User.Email)
|
||||
|
||||
for _, session := range sessions {
|
||||
storage.MainStore.DeleteSession(session)
|
||||
}
|
||||
|
||||
return logout(opts, req.Ps, body)
|
||||
}
|
||||
|
||||
|
|
|
@ -79,6 +79,9 @@ type Storage interface {
|
|||
// GetSession retrieves the Session with the given identifier.
|
||||
GetSession(id []byte) (*happydns.Session, error)
|
||||
|
||||
// GetUserSessions retrieves all Session for the given User.
|
||||
GetUserSessions(user *happydns.User) ([]*happydns.Session, error)
|
||||
|
||||
// CreateSession creates a record in the database for the given Session.
|
||||
CreateSession(session *happydns.Session) error
|
||||
|
||||
|
|
|
@ -51,6 +51,23 @@ func (s *LevelDBStorage) GetSession(id []byte) (session *happydns.Session, err e
|
|||
return s.getSession(fmt.Sprintf("user.session-%x", id))
|
||||
}
|
||||
|
||||
func (s *LevelDBStorage) GetUserSessions(user *happydns.User) (sessions []*happydns.Session, err error) {
|
||||
iter := s.search("user.session-")
|
||||
defer iter.Release()
|
||||
|
||||
for iter.Next() {
|
||||
var s happydns.Session
|
||||
|
||||
err = decodeData(iter.Value(), &s)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
sessions = append(sessions, &s)
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func (s *LevelDBStorage) CreateSession(session *happydns.Session) error {
|
||||
key, id, err := s.findBytesKey("user.session-", 255)
|
||||
if err != nil {
|
||||
|
|
Loading…
Reference in New Issue