commit: 716f4cb11c0a1cafd4def7beeba5c938abe56fc5
parent: a5a07da8926589647160ac642a8e082bbeca4451
Author: Yamagishi Kazutoshi <ykzts@desire.sh>
Date: Wed, 19 Jul 2017 11:59:04 +0900
Add feature to revoke sessions (#4259)
Diffstat:
4 files changed, 25 insertions(+), 0 deletions(-)
diff --git a/app/controllers/settings/sessions_controller.rb b/app/controllers/settings/sessions_controller.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class Settings::SessionsController < ApplicationController
+ before_action :set_session, only: :destroy
+
+ def destroy
+ @session.destroy!
+ flash[:notice] = I18n.t('sessions.revoke_success')
+ redirect_to edit_user_registration_path
+ end
+
+ private
+
+ def set_session
+ @session = current_user.session_activations.find(params[:id])
+ end
+end
diff --git a/app/views/auth/registrations/_sessions.html.haml b/app/views/auth/registrations/_sessions.html.haml
@@ -7,6 +7,7 @@
%th= t 'sessions.browser'
%th= t 'sessions.ip'
%th= t 'sessions.activity'
+ %td
%tbody
- @sessions.each do |session|
%tr
@@ -22,3 +23,6 @@
= t 'sessions.current_session'
- else
%time.time-ago{ datetime: session.updated_at.iso8601, title: l(session.updated_at) }= l(session.updated_at)
+ %td
+ - if request.session['auth_id'] != session.session_id
+ = table_link_to 'times', t('sessions.revoke'), settings_session_path(session), method: :delete
diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -397,6 +397,8 @@ en:
windows: Windows
windows_mobile: Windows Mobile
windows_phone: Windows Phone
+ revoke: Revoke
+ revoke_success: Session successfully revoked
title: Sessions
settings:
authorized_apps: Authorized apps
diff --git a/config/routes.rb b/config/routes.rb
@@ -74,6 +74,8 @@ Rails.application.routes.draw do
resource :follower_domains, only: [:show, :update]
resource :delete, only: [:show, :destroy]
+
+ resources :sessions, only: [:destroy]
end
resources :media, only: [:show]
