aboutsummaryrefslogtreecommitdiff
path: root/service
diff options
context:
space:
mode:
authorr <r@freesoftwareextremist.com>2020-03-04 15:59:59 +0000
committerr <r@freesoftwareextremist.com>2020-03-04 15:59:59 +0000
commit911c9b79937a82bd4574972fa24f45f5cb922092 (patch)
treec0f0ce04c6e0d0e2b8a7b552b8cb887ceb362ad5 /service
parent35a8c247d910f4a17aea5dd9df511f6e44bbc4bf (diff)
downloadbloat-911c9b79937a82bd4574972fa24f45f5cb922092.tar.gz
bloat-911c9b79937a82bd4574972fa24f45f5cb922092.zip
Remove session details on signout
Diffstat (limited to 'service')
-rw-r--r--service/auth.go13
-rw-r--r--service/logging.go8
-rw-r--r--service/service.go6
-rw-r--r--service/transport.go8
4 files changed, 33 insertions, 2 deletions
diff --git a/service/auth.go b/service/auth.go
index 9e6f709..7fd238b 100644
--- a/service/auth.go
+++ b/service/auth.go
@@ -204,6 +204,19 @@ func (s *as) Signin(ctx context.Context, c *model.Client, sessionID string,
return
}
+func (s *as) Signout(ctx context.Context, c *model.Client) (err error) {
+ err = s.authenticateClient(ctx, c)
+ if err != nil {
+ return
+ }
+ err = checkCSRF(ctx, c)
+ if err != nil {
+ return
+ }
+ s.Service.Signout(ctx, c)
+ return
+}
+
func (s *as) Post(ctx context.Context, c *model.Client, content string,
replyToID string, format string, visibility string, isNSFW bool,
files []*multipart.FileHeader) (id string, err error) {
diff --git a/service/logging.go b/service/logging.go
index 795f329..2955959 100644
--- a/service/logging.go
+++ b/service/logging.go
@@ -162,6 +162,14 @@ func (s *ls) Signin(ctx context.Context, c *model.Client, sessionID string,
return s.Service.Signin(ctx, c, sessionID, code)
}
+func (s *ls) Signout(ctx context.Context, c *model.Client) (err error) {
+ defer func(begin time.Time) {
+ s.logger.Printf("method=%v, took=%v, err=%v\n",
+ "Signout", time.Since(begin), err)
+ }(time.Now())
+ return s.Service.Signout(ctx, c)
+}
+
func (s *ls) Post(ctx context.Context, c *model.Client, content string,
replyToID string, format string, visibility string, isNSFW bool,
files []*multipart.FileHeader) (id string, err error) {
diff --git a/service/service.go b/service/service.go
index e81e007..b039849 100644
--- a/service/service.go
+++ b/service/service.go
@@ -38,6 +38,7 @@ type Service interface {
NewSession(ctx context.Context, instance string) (redirectUrl string, sessionID string, err error)
Signin(ctx context.Context, c *model.Client, sessionID string,
code string) (token string, userID string, err error)
+ Signout(ctx context.Context, c *model.Client) (err error)
Post(ctx context.Context, c *model.Client, content string, replyToID string, format string,
visibility string, isNSFW bool, files []*multipart.FileHeader) (id string, err error)
Like(ctx context.Context, c *model.Client, id string) (count int64, err error)
@@ -722,6 +723,11 @@ func (svc *service) Signin(ctx context.Context, c *model.Client,
return
}
+func (svc *service) Signout(ctx context.Context, c *model.Client) (err error) {
+ svc.sessionRepo.Remove(c.Session.ID)
+ return
+}
+
func (svc *service) Post(ctx context.Context, c *model.Client, content string,
replyToID string, format string, visibility string, isNSFW bool,
files []*multipart.FileHeader) (id string, err error) {
diff --git a/service/transport.go b/service/transport.go
index 48e2ee2..6540333 100644
--- a/service/transport.go
+++ b/service/transport.go
@@ -646,12 +646,16 @@ func NewHandler(s Service, staticDir string) http.Handler {
}
signout := func(w http.ResponseWriter, req *http.Request) {
- // TODO remove session from database
+ c := newClient(w)
+ ctx := newCtxWithSesionCSRF(req, req.FormValue("csrf_token"))
+
+ s.Signout(ctx, c)
http.SetCookie(w, &http.Cookie{
Name: "session_id",
Value: "",
Expires: time.Now(),
})
+
w.Header().Add("Location", "/")
w.WriteHeader(http.StatusFound)
}
@@ -763,7 +767,7 @@ func NewHandler(s Service, staticDir string) http.Handler {
r.HandleFunc("/unmuteconv/{id}", unMuteConversation).Methods(http.MethodPost)
r.HandleFunc("/delete/{id}", delete).Methods(http.MethodPost)
r.HandleFunc("/notifications/read", readNotifications).Methods(http.MethodPost)
- r.HandleFunc("/signout", signout).Methods(http.MethodGet)
+ r.HandleFunc("/signout", signout).Methods(http.MethodPost)
r.HandleFunc("/fluoride/like/{id}", fLike).Methods(http.MethodPost)
r.HandleFunc("/fluoride/unlike/{id}", fUnlike).Methods(http.MethodPost)
r.HandleFunc("/fluoride/retweet/{id}", fRetweet).Methods(http.MethodPost)