Session management for admins now includes delete capabilities
This commit is contained in:
parent
69bb1368cb
commit
2d73384e17
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
include_once('../include/lucidAuth.functions.php');
|
include_once('../include/lucidAuth.functions.php');
|
||||||
|
|
||||||
if ($_POST['do'] == 'login') {
|
if ($_POST['do'] === 'login') {
|
||||||
$result = authenticateLDAP($_POST['username'], $_POST['password']);
|
$result = authenticateLDAP($_POST['username'], $_POST['password']);
|
||||||
if ($result['status'] === 'Success') {
|
if ($result['status'] === 'Success') {
|
||||||
// Store authentication token; in database serverside & in cookie clientside
|
// Store authentication token; in database serverside & in cookie clientside
|
||||||
|
|||||||
@ -8,7 +8,8 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($validateTokenResult['status'] === "Success") {
|
if ($validateTokenResult['status'] === "Success") {
|
||||||
if ($_REQUEST['do'] === 'retrievesessions') {
|
switch ($_REQUEST['do']) {
|
||||||
|
case 'retrievesessions':
|
||||||
$storedTokens = [];
|
$storedTokens = [];
|
||||||
|
|
||||||
$pdoQuery = $pdoDB->prepare('
|
$pdoQuery = $pdoDB->prepare('
|
||||||
@ -41,7 +42,44 @@
|
|||||||
"SessionCount" => sizeof($storedTokens),
|
"SessionCount" => sizeof($storedTokens),
|
||||||
"UserSessions" => json_encode($storedTokens)
|
"UserSessions" => json_encode($storedTokens)
|
||||||
]);
|
]);
|
||||||
|
break;
|
||||||
|
case 'deletesession':
|
||||||
|
if (isset($_REQUEST['userid']) && isset($_REQUEST['tokenid'])) {
|
||||||
|
try {
|
||||||
|
$pdoQuery = $pdoDB->prepare('
|
||||||
|
DELETE FROM SecureToken
|
||||||
|
WHERE SecureToken.UserId = :userid AND SecureToken.Id = :tokenid
|
||||||
|
');
|
||||||
|
$pdoQuery->execute([
|
||||||
|
':userid' => (int) $_REQUEST['userid'],
|
||||||
|
':tokenid' => (int) $_REQUEST['tokenid']
|
||||||
|
]);
|
||||||
|
|
||||||
|
// Return JSON object
|
||||||
|
header('Content-Type: application/json');
|
||||||
|
echo json_encode([
|
||||||
|
"Result" => "Success",
|
||||||
|
"RowCount" => $pdoQuery->RowCount()
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
catch (Exception $e) {
|
||||||
|
// Return JSON object
|
||||||
|
header('Content-Type: application/json');
|
||||||
|
echo json_encode([
|
||||||
|
"Result" => "Failure",
|
||||||
|
"Reason" => "Failed deleting tokens from database"
|
||||||
|
]);
|
||||||
|
exit;
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
|
header('Content-Type: application/json');
|
||||||
|
echo json_encode([
|
||||||
|
"Result" => "Failure",
|
||||||
|
"Reason" => "Incomplete request data"
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
default:
|
||||||
// No action requested, default action
|
// No action requested, default action
|
||||||
include_once('../include/lucidAuth.template.php');
|
include_once('../include/lucidAuth.template.php');
|
||||||
|
|
||||||
@ -74,6 +112,7 @@
|
|||||||
implode($tableRows)
|
implode($tableRows)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// No cookie containing valid authentication token found;
|
// No cookie containing valid authentication token found;
|
||||||
|
|||||||
@ -1,22 +1,72 @@
|
|||||||
jQuery.fn.inlineConfirm = function() {
|
jQuery.fn.ConfirmDelete = function() {
|
||||||
return this.on('click', function(event) {
|
return this.on('click', function() {
|
||||||
sessionID = $(this).data('sessionid');
|
var sessionID = $(this).data('sessionid');
|
||||||
// event.preventDefault();
|
|
||||||
$(this).off('click').parent().empty().append(
|
$(this).off('click').parent().empty()
|
||||||
$('<button>', {
|
.append($('<button>', {
|
||||||
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_yes'],
|
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_yes'],
|
||||||
class: 'bttn-simple bttn-xs bttn-primary sessiondeleteconfirm',
|
class: 'bttn-simple bttn-xs bttn-primary sessiondeleteconfirm',
|
||||||
style: 'margin-right: 3px;',
|
style: 'margin-right: 3px;',
|
||||||
'data-translation': 'button_yes',
|
'data-translation': 'button_yes',
|
||||||
'data-sessionid': sessionID
|
'data-sessionid': sessionID
|
||||||
})).append(
|
}).on('click', function() {
|
||||||
|
var pressedButton = $(this);
|
||||||
|
$(pressedButton).prop('disabled', true).css({
|
||||||
|
'background': '#999 url(data:image/gif;base64,R0lGODlhEAAQAPIAAJmZmf///7CwsOPj4////9fX18rKysPDwyH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==) no-repeat center',
|
||||||
|
'color': 'transparent',
|
||||||
|
'transform': 'rotateX(180deg)',
|
||||||
|
'cursor': 'default'
|
||||||
|
}).next().prop('disabled', true).addClass('disabled');
|
||||||
|
|
||||||
|
$.post("lucidAuth.manage.php", {
|
||||||
|
do: "deletesession",
|
||||||
|
tokenid: sessionID,
|
||||||
|
userid: $(pressedButton).closest('tr').data('userid')
|
||||||
|
})
|
||||||
|
.done(function(data,_status) {
|
||||||
|
if (data.Result === 'Success') {
|
||||||
|
$(pressedButton).css({
|
||||||
|
'background': 'green url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAaklEQVQ4jeXOMQ5AQBBG4T2BC4i76EWich7ncAKbqCRuodTqnMNTkFgJs3ZU4tXz/Rlj/hUQv8EpMAClFk9sjUAiHVcCnoFMwhZYgPYG575Xe46aIOyMdJx7ji9GwrEzUgOFCu8DkRp/qxU2BKCUyZR6ygAAAABJRU5ErkJggg==) no-repeat center',
|
||||||
|
'transform': 'rotateX(0deg)'
|
||||||
|
});
|
||||||
|
setTimeout(function() {
|
||||||
|
$(pressedButton).closest('tr').fadeOut(500, function() {
|
||||||
|
$(this).remove()});
|
||||||
|
}, 2250);
|
||||||
|
} else {
|
||||||
|
$(pressedButton).css({
|
||||||
|
'background': 'red url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAv0lEQVQ4jaWT0Q3CMAxELwh1BEag87AJ6hcLlE/KBLABrNEV2h26QaXHj4NMGgpS7sfJJXd24kQqRMiRQC3pIKk2apD0DCEMq25ABZyBmSVmW6vWxH1GmKLPmph7xJQReq5dnNmVPQE7oHOCzrhoMts9vQ1OSbYOCBb92OPkDe6ZkqMwJwa4SdJmtS1/YGsx7e9VUiPpYvPG4tHtGUsvcf+RkpI2mkHZQ3ImLd+fcpuKf32meM5R0iOEMOb2F+EF33vgCePVr8UAAAAASUVORK5CYII=) no-repeat center',
|
||||||
|
'transform': 'rotateX(0deg)'
|
||||||
|
});
|
||||||
|
setTimeout(function() {
|
||||||
|
$(pressedButton).closest('td').empty()
|
||||||
|
.append(
|
||||||
$('<button>', {
|
$('<button>', {
|
||||||
|
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_delete'],
|
||||||
|
class: 'bttn-simple bttn-xs bttn-primary sessiondelete',
|
||||||
|
'data-translation': 'button_delete',
|
||||||
|
'data-sessionid': sessionID
|
||||||
|
}).ConfirmDelete())
|
||||||
|
}, 2250);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}))
|
||||||
|
.append($('<button>', {
|
||||||
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_no'],
|
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_no'],
|
||||||
class: 'bttn-simple bttn-xs bttn-primary sessiondeletecancel',
|
class: 'bttn-simple bttn-xs bttn-primary sessiondeletecancel',
|
||||||
'data-translation': 'button_no',
|
'data-translation': 'button_no',
|
||||||
'data-sessionid': sessionID
|
'data-sessionid': sessionID
|
||||||
})
|
}).on('click', function() {
|
||||||
);
|
var pressedButton = $(this);
|
||||||
|
$(pressedButton).closest('td').empty()
|
||||||
|
.append(
|
||||||
|
$('<button>', {
|
||||||
|
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_delete'],
|
||||||
|
class: 'bttn-simple bttn-xs bttn-primary sessiondelete',
|
||||||
|
'data-translation': 'button_delete',
|
||||||
|
'data-sessionid': sessionID
|
||||||
|
}).ConfirmDelete())
|
||||||
|
}))
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -35,9 +85,11 @@ $(document).ready(function(){
|
|||||||
$('#sessions tbody').empty();
|
$('#sessions tbody').empty();
|
||||||
$('#sessions').fadeToggle();
|
$('#sessions').fadeToggle();
|
||||||
|
|
||||||
|
var userID = $(this).closest('tr').find('td:nth-child(1)').data('userid');
|
||||||
|
|
||||||
$.post("lucidAuth.manage.php", {
|
$.post("lucidAuth.manage.php", {
|
||||||
do: "retrievesessions",
|
do: "retrievesessions",
|
||||||
userid: $(this).closest('tr').find('td:nth-child(1)').data('userid')
|
userid: userID
|
||||||
})
|
})
|
||||||
.done(function(data,_status) {
|
.done(function(data,_status) {
|
||||||
if (data.Result === 'Success') {
|
if (data.Result === 'Success') {
|
||||||
@ -51,7 +103,9 @@ $(document).ready(function(){
|
|||||||
} catch(e) {
|
} catch(e) {
|
||||||
// Do nothing
|
// Do nothing
|
||||||
}
|
}
|
||||||
$('#sessiontable tbody').append($('<tr>')
|
$('#sessiontable tbody').append($('<tr>', {
|
||||||
|
'data-userid': userID
|
||||||
|
})
|
||||||
.append($('<td>', {
|
.append($('<td>', {
|
||||||
text: new Date(Sessions[i]['iat'] * 1000).toLocaleString('en-GB')
|
text: new Date(Sessions[i]['iat'] * 1000).toLocaleString('en-GB')
|
||||||
}))
|
}))
|
||||||
@ -70,7 +124,7 @@ $(document).ready(function(){
|
|||||||
}))
|
}))
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
$('#sessiontable .sessiondelete').inlineConfirm();
|
$('#sessiontable .sessiondelete').ConfirmDelete();
|
||||||
} else {
|
} else {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user