Session management for admins now includes delete capabilities
This commit is contained in:
parent
69bb1368cb
commit
2d73384e17
@ -3,7 +3,7 @@
|
||||
|
||||
include_once('../include/lucidAuth.functions.php');
|
||||
|
||||
if ($_POST['do'] == 'login') {
|
||||
if ($_POST['do'] === 'login') {
|
||||
$result = authenticateLDAP($_POST['username'], $_POST['password']);
|
||||
if ($result['status'] === 'Success') {
|
||||
// Store authentication token; in database serverside & in cookie clientside
|
||||
|
@ -8,72 +8,111 @@
|
||||
}
|
||||
|
||||
if ($validateTokenResult['status'] === "Success") {
|
||||
if ($_REQUEST['do'] === 'retrievesessions') {
|
||||
$storedTokens = [];
|
||||
switch ($_REQUEST['do']) {
|
||||
case 'retrievesessions':
|
||||
$storedTokens = [];
|
||||
|
||||
$pdoQuery = $pdoDB->prepare('
|
||||
SELECT SecureToken.Id, SecureToken.UserId, SecureToken.Value
|
||||
FROM SecureToken
|
||||
WHERE SecureToken.UserId = :userid
|
||||
');
|
||||
$pdoQuery->execute([
|
||||
':userid' => (int) $_REQUEST['userid']
|
||||
]);
|
||||
foreach($pdoQuery->fetchAll(PDO::FETCH_ASSOC) as $row) {
|
||||
try {
|
||||
$JWTPayload = JWT::decode($row['Value'], base64_decode($settings->JWT['PrivateKey_base64']), $settings->JWT['Algorithm']);
|
||||
$storedTokens[] = [
|
||||
'tid' => $row['Id'],
|
||||
'iat' => $JWTPayload->iat,
|
||||
'iss' => $JWTPayload->iss,
|
||||
'fp' => $JWTPayload->fp
|
||||
];
|
||||
} catch (Exception $e) {
|
||||
// Invalid token
|
||||
continue;
|
||||
$pdoQuery = $pdoDB->prepare('
|
||||
SELECT SecureToken.Id, SecureToken.UserId, SecureToken.Value
|
||||
FROM SecureToken
|
||||
WHERE SecureToken.UserId = :userid
|
||||
');
|
||||
$pdoQuery->execute([
|
||||
':userid' => (int) $_REQUEST['userid']
|
||||
]);
|
||||
foreach($pdoQuery->fetchAll(PDO::FETCH_ASSOC) as $row) {
|
||||
try {
|
||||
$JWTPayload = JWT::decode($row['Value'], base64_decode($settings->JWT['PrivateKey_base64']), $settings->JWT['Algorithm']);
|
||||
$storedTokens[] = [
|
||||
'tid' => $row['Id'],
|
||||
'iat' => $JWTPayload->iat,
|
||||
'iss' => $JWTPayload->iss,
|
||||
'fp' => $JWTPayload->fp
|
||||
];
|
||||
} catch (Exception $e) {
|
||||
// Invalid token
|
||||
continue;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Return JSON object
|
||||
header('Content-Type: application/json');
|
||||
echo json_encode([
|
||||
"Result" => "Success",
|
||||
"SessionCount" => sizeof($storedTokens),
|
||||
"UserSessions" => json_encode($storedTokens)
|
||||
]);
|
||||
} else {
|
||||
// No action requested, default action
|
||||
include_once('../include/lucidAuth.template.php');
|
||||
// Return JSON object
|
||||
header('Content-Type: application/json');
|
||||
echo json_encode([
|
||||
"Result" => "Success",
|
||||
"SessionCount" => sizeof($storedTokens),
|
||||
"UserSessions" => json_encode($storedTokens)
|
||||
]);
|
||||
break;
|
||||
case 'deletesession':
|
||||
if (isset($_REQUEST['userid']) && isset($_REQUEST['tokenid'])) {
|
||||
try {
|
||||
$pdoQuery = $pdoDB->prepare('
|
||||
DELETE FROM SecureToken
|
||||
WHERE SecureToken.UserId = :userid AND SecureToken.Id = :tokenid
|
||||
');
|
||||
$pdoQuery->execute([
|
||||
':userid' => (int) $_REQUEST['userid'],
|
||||
':tokenid' => (int) $_REQUEST['tokenid']
|
||||
]);
|
||||
|
||||
try {
|
||||
$allUsers = $pdoDB->query('
|
||||
SELECT User.Id, User.Username, Role.Rolename
|
||||
FROM User
|
||||
LEFT JOIN Role
|
||||
ON (Role.Id = User.RoleId)
|
||||
')->fetchAll(PDO::FETCH_ASSOC);
|
||||
} catch (Exception $e) {
|
||||
// Return JSON object
|
||||
header('Content-Type: application/json');
|
||||
echo json_encode([
|
||||
"Result" => "Success",
|
||||
"RowCount" => $pdoQuery->RowCount()
|
||||
]);
|
||||
}
|
||||
catch (Exception $e) {
|
||||
// Return JSON object
|
||||
header('Content-Type: application/json');
|
||||
echo json_encode([
|
||||
"Result" => "Failure",
|
||||
"Reason" => "Failed deleting tokens from database"
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
} else {
|
||||
header('Content-Type: application/json');
|
||||
echo json_encode([
|
||||
"Result" => "Failure",
|
||||
"Reason" => "Incomplete request data"
|
||||
]);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
// No action requested, default action
|
||||
include_once('../include/lucidAuth.template.php');
|
||||
|
||||
try {
|
||||
$allUsers = $pdoDB->query('
|
||||
SELECT User.Id, User.Username, Role.Rolename
|
||||
FROM User
|
||||
LEFT JOIN Role
|
||||
ON (Role.Id = User.RoleId)
|
||||
')->fetchAll(PDO::FETCH_ASSOC);
|
||||
} catch (Exception $e) {
|
||||
// Should really do some actual errorhandling here
|
||||
throw new Exception($e);
|
||||
}
|
||||
foreach($allUsers as $row) {
|
||||
$tableRows[] = sprintf('<tr%1$s><td data-userid="%2$s">%3$s</td><td>%4$s</td><td class="immutable">%5$s</td></tr>',
|
||||
$validateTokenResult['uid'] === $row['Id'] ? ' class="currentuser"': null,
|
||||
$row['Id'],
|
||||
explode('\\', $row['Username'])[1],
|
||||
$row['Rolename'],
|
||||
'<button class="bttn-simple bttn-xs bttn-primary session" data-translation="button_sessions">Sessions</button>' . ($validateTokenResult['uid'] === $row['Id'] ? null : ' <button class="bttn-simple bttn-xs bttn-primary delete" data-translation="button_delete">Delete</button>')
|
||||
);
|
||||
}
|
||||
throw new Exception($e);
|
||||
}
|
||||
foreach($allUsers as $row) {
|
||||
$tableRows[] = sprintf('<tr%1$s><td data-userid="%2$s">%3$s</td><td>%4$s</td><td class="immutable">%5$s</td></tr>',
|
||||
$validateTokenResult['uid'] === $row['Id'] ? ' class="currentuser"': null,
|
||||
$row['Id'],
|
||||
explode('\\', $row['Username'])[1],
|
||||
$row['Rolename'],
|
||||
'<button class="bttn-simple bttn-xs bttn-primary session" data-translation="button_sessions">Sessions</button>' . ($validateTokenResult['uid'] === $row['Id'] ? null : ' <button class="bttn-simple bttn-xs bttn-primary delete" data-translation="button_delete">Delete</button>')
|
||||
);
|
||||
}
|
||||
|
||||
echo sprintf($pageLayout['full_alt'],
|
||||
sprintf($contentLayout['manage']['header'],
|
||||
$validateTokenResult['name']
|
||||
),
|
||||
sprintf($contentLayout['manage']['section'],
|
||||
implode($tableRows)
|
||||
)
|
||||
);
|
||||
echo sprintf($pageLayout['full_alt'],
|
||||
sprintf($contentLayout['manage']['header'],
|
||||
$validateTokenResult['name']
|
||||
),
|
||||
sprintf($contentLayout['manage']['section'],
|
||||
implode($tableRows)
|
||||
)
|
||||
);
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
// No cookie containing valid authentication token found;
|
||||
|
@ -1,22 +1,72 @@
|
||||
jQuery.fn.inlineConfirm = function() {
|
||||
return this.on('click', function(event) {
|
||||
sessionID = $(this).data('sessionid');
|
||||
// event.preventDefault();
|
||||
$(this).off('click').parent().empty().append(
|
||||
$('<button>', {
|
||||
jQuery.fn.ConfirmDelete = function() {
|
||||
return this.on('click', function() {
|
||||
var sessionID = $(this).data('sessionid');
|
||||
|
||||
$(this).off('click').parent().empty()
|
||||
.append($('<button>', {
|
||||
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_yes'],
|
||||
class: 'bttn-simple bttn-xs bttn-primary sessiondeleteconfirm',
|
||||
style: 'margin-right: 3px;',
|
||||
'data-translation': 'button_yes',
|
||||
'data-sessionid': sessionID
|
||||
})).append(
|
||||
$('<button>', {
|
||||
}).on('click', function() {
|
||||
var pressedButton = $(this);
|
||||
$(pressedButton).prop('disabled', true).css({
|
||||
'background': '#999 url(data:image/gif;base64,R0lGODlhEAAQAPIAAJmZmf///7CwsOPj4////9fX18rKysPDwyH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==) no-repeat center',
|
||||
'color': 'transparent',
|
||||
'transform': 'rotateX(180deg)',
|
||||
'cursor': 'default'
|
||||
}).next().prop('disabled', true).addClass('disabled');
|
||||
|
||||
$.post("lucidAuth.manage.php", {
|
||||
do: "deletesession",
|
||||
tokenid: sessionID,
|
||||
userid: $(pressedButton).closest('tr').data('userid')
|
||||
})
|
||||
.done(function(data,_status) {
|
||||
if (data.Result === 'Success') {
|
||||
$(pressedButton).css({
|
||||
'background': 'green url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAaklEQVQ4jeXOMQ5AQBBG4T2BC4i76EWich7ncAKbqCRuodTqnMNTkFgJs3ZU4tXz/Rlj/hUQv8EpMAClFk9sjUAiHVcCnoFMwhZYgPYG575Xe46aIOyMdJx7ji9GwrEzUgOFCu8DkRp/qxU2BKCUyZR6ygAAAABJRU5ErkJggg==) no-repeat center',
|
||||
'transform': 'rotateX(0deg)'
|
||||
});
|
||||
setTimeout(function() {
|
||||
$(pressedButton).closest('tr').fadeOut(500, function() {
|
||||
$(this).remove()});
|
||||
}, 2250);
|
||||
} else {
|
||||
$(pressedButton).css({
|
||||
'background': 'red url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAv0lEQVQ4jaWT0Q3CMAxELwh1BEag87AJ6hcLlE/KBLABrNEV2h26QaXHj4NMGgpS7sfJJXd24kQqRMiRQC3pIKk2apD0DCEMq25ABZyBmSVmW6vWxH1GmKLPmph7xJQReq5dnNmVPQE7oHOCzrhoMts9vQ1OSbYOCBb92OPkDe6ZkqMwJwa4SdJmtS1/YGsx7e9VUiPpYvPG4tHtGUsvcf+RkpI2mkHZQ3ImLd+fcpuKf32meM5R0iOEMOb2F+EF33vgCePVr8UAAAAASUVORK5CYII=) no-repeat center',
|
||||
'transform': 'rotateX(0deg)'
|
||||
});
|
||||
setTimeout(function() {
|
||||
$(pressedButton).closest('td').empty()
|
||||
.append(
|
||||
$('<button>', {
|
||||
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_delete'],
|
||||
class: 'bttn-simple bttn-xs bttn-primary sessiondelete',
|
||||
'data-translation': 'button_delete',
|
||||
'data-sessionid': sessionID
|
||||
}).ConfirmDelete())
|
||||
}, 2250);
|
||||
}
|
||||
});
|
||||
}))
|
||||
.append($('<button>', {
|
||||
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_no'],
|
||||
class: 'bttn-simple bttn-xs bttn-primary sessiondeletecancel',
|
||||
'data-translation': 'button_no',
|
||||
'data-sessionid': sessionID
|
||||
})
|
||||
);
|
||||
}).on('click', function() {
|
||||
var pressedButton = $(this);
|
||||
$(pressedButton).closest('td').empty()
|
||||
.append(
|
||||
$('<button>', {
|
||||
text: locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_delete'],
|
||||
class: 'bttn-simple bttn-xs bttn-primary sessiondelete',
|
||||
'data-translation': 'button_delete',
|
||||
'data-sessionid': sessionID
|
||||
}).ConfirmDelete())
|
||||
}))
|
||||
});
|
||||
};
|
||||
|
||||
@ -35,9 +85,11 @@ $(document).ready(function(){
|
||||
$('#sessions tbody').empty();
|
||||
$('#sessions').fadeToggle();
|
||||
|
||||
var userID = $(this).closest('tr').find('td:nth-child(1)').data('userid');
|
||||
|
||||
$.post("lucidAuth.manage.php", {
|
||||
do: "retrievesessions",
|
||||
userid: $(this).closest('tr').find('td:nth-child(1)').data('userid')
|
||||
userid: userID
|
||||
})
|
||||
.done(function(data,_status) {
|
||||
if (data.Result === 'Success') {
|
||||
@ -51,7 +103,9 @@ $(document).ready(function(){
|
||||
} catch(e) {
|
||||
// Do nothing
|
||||
}
|
||||
$('#sessiontable tbody').append($('<tr>')
|
||||
$('#sessiontable tbody').append($('<tr>', {
|
||||
'data-userid': userID
|
||||
})
|
||||
.append($('<td>', {
|
||||
text: new Date(Sessions[i]['iat'] * 1000).toLocaleString('en-GB')
|
||||
}))
|
||||
@ -70,7 +124,7 @@ $(document).ready(function(){
|
||||
}))
|
||||
);
|
||||
}
|
||||
$('#sessiontable .sessiondelete').inlineConfirm();
|
||||
$('#sessiontable .sessiondelete').ConfirmDelete();
|
||||
} else {
|
||||
}
|
||||
});
|
||||
|
Loading…
Reference in New Issue
Block a user