Switched routes order
parent
6803a47491
commit
4fead6006e
1 changed files with 41 additions and 41 deletions
|
@ -832,47 +832,6 @@ $utopia->delete('/v1/account')
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
$utopia->delete('/v1/account/sessions')
|
|
||||||
->desc('Delete All Account Sessions')
|
|
||||||
->label('scope', 'account')
|
|
||||||
->label('webhook', 'account.sessions.delete')
|
|
||||||
->label('sdk.namespace', 'account')
|
|
||||||
->label('sdk.method', 'deleteAccountSessions')
|
|
||||||
->label('sdk.description', '/docs/references/account/delete-sessions.md')
|
|
||||||
->label('abuse-limit', 100)
|
|
||||||
->action(
|
|
||||||
function () use ($response, $request, $user, $projectDB, $audit, $webhook) {
|
|
||||||
$tokens = $user->getAttribute('tokens', []);
|
|
||||||
|
|
||||||
foreach ($tokens as $token) { /* @var $token Document */
|
|
||||||
if (!$projectDB->deleteDocument($token->getUid())) {
|
|
||||||
throw new Exception('Failed to remove token from DB', 500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$audit
|
|
||||||
->setParam('event', 'account.sessions.delete')
|
|
||||||
->setParam('resource', '/user/'.$user->getUid())
|
|
||||||
;
|
|
||||||
|
|
||||||
$webhook
|
|
||||||
->setParam('payload', [
|
|
||||||
'name' => $user->getAttribute('name', ''),
|
|
||||||
'email' => $user->getAttribute('email', ''),
|
|
||||||
])
|
|
||||||
;
|
|
||||||
|
|
||||||
if ($token->getAttribute('secret') == Auth::hash(Auth::$secret)) { // If current session delete the cookies too
|
|
||||||
$response
|
|
||||||
->addCookie(Auth::$cookieName.'_legacy', '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, null)
|
|
||||||
->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE)
|
|
||||||
;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->noContent();
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
$utopia->delete('/v1/account/sessions/:id')
|
$utopia->delete('/v1/account/sessions/:id')
|
||||||
->desc('Delete Account Session')
|
->desc('Delete Account Session')
|
||||||
->label('scope', 'account')
|
->label('scope', 'account')
|
||||||
|
@ -950,6 +909,47 @@ $utopia->delete('/v1/account/sessions/current')
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
|
$utopia->delete('/v1/account/sessions')
|
||||||
|
->desc('Delete All Account Sessions')
|
||||||
|
->label('scope', 'account')
|
||||||
|
->label('webhook', 'account.sessions.delete')
|
||||||
|
->label('sdk.namespace', 'account')
|
||||||
|
->label('sdk.method', 'deleteAccountSessions')
|
||||||
|
->label('sdk.description', '/docs/references/account/delete-sessions.md')
|
||||||
|
->label('abuse-limit', 100)
|
||||||
|
->action(
|
||||||
|
function () use ($response, $request, $user, $projectDB, $audit, $webhook) {
|
||||||
|
$tokens = $user->getAttribute('tokens', []);
|
||||||
|
|
||||||
|
foreach ($tokens as $token) { /* @var $token Document */
|
||||||
|
if (!$projectDB->deleteDocument($token->getUid())) {
|
||||||
|
throw new Exception('Failed to remove token from DB', 500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$audit
|
||||||
|
->setParam('event', 'account.sessions.delete')
|
||||||
|
->setParam('resource', '/user/'.$user->getUid())
|
||||||
|
;
|
||||||
|
|
||||||
|
$webhook
|
||||||
|
->setParam('payload', [
|
||||||
|
'name' => $user->getAttribute('name', ''),
|
||||||
|
'email' => $user->getAttribute('email', ''),
|
||||||
|
])
|
||||||
|
;
|
||||||
|
|
||||||
|
if ($token->getAttribute('secret') == Auth::hash(Auth::$secret)) { // If current session delete the cookies too
|
||||||
|
$response
|
||||||
|
->addCookie(Auth::$cookieName.'_legacy', '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, null)
|
||||||
|
->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE)
|
||||||
|
;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->noContent();
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
$utopia->post('/v1/account/recovery')
|
$utopia->post('/v1/account/recovery')
|
||||||
->desc('Password Recovery')
|
->desc('Password Recovery')
|
||||||
->label('scope', 'public')
|
->label('scope', 'public')
|
||||||
|
|
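Review bot: The relocated `/v1/account/sessions` handler still detects the caller's current session with a loose comparison, `$token->getAttribute('secret') == Auth::hash(Auth::$secret)`, which is subject to PHP's numeric-string juggling and is not constant-time. Since both operands are secret-derived hashes, I would compare them with `hash_equals((string) $token->getAttribute('secret'), Auth::hash(Auth::$secret))`, assuming `Auth::hash()` returns a string. The commit exists only to change registration order, yet nothing in the file records why `/v1/account/sessions` has to follow `/v1/account/sessions/:id` and `/v1/account/sessions/current`; a short comment above the route stating that ordering constraint would keep a later reshuffle from undoing it. The neighbouring `:id` and `recovery` routes are cut off by the hunk boundaries, so their bodies are not reviewed here.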