added /delete_session

2019-09-26 18:44:00 -04:00 · 2019-09-26 18:44:00 -04:00 · b174c1d2e8
commit b174c1d2e8
parent b24061fb05
2 changed files with 41 additions and 16 deletions
--- a/buckler.py
+++ b/buckler.py
@ -336,6 +336,26 @@ async def delete_key(request):
 	raise web.HTTPFound(location=index_url)


+@routes.post(config.url_prefix + '/delete_session', name='delete_session')
+@auth.auth_required
+async def delete_session(request):
+	"""Allows a user to delete a session ."""
+	data = await request.post()
+	async with request.app['pool'].acquire() as conn:
+		for key, value in data.items():
+			session_id = key.replace('session-', '', 1)
+			if not session_id:
+				continue
+			if value != 'on':
+				continue
+			await conn.execute(
+				"DELETE FROM user_session "
+				"WHERE id = $1 AND user_id = $2",
+				session_id, request['session']['id'])
+	index_url = request.app.router['index'].url_for()
+	raise web.HTTPFound(location=index_url)
+
+
 async def init_app():
 	"""Initializes the application."""
 	app = web.Application()
--- a/templates/index.html
+++ b/templates/index.html
@ -107,22 +107,27 @@
 				<h2>Active Sessions</h2>
 				<article style="display: none;">
 					<hr>
-					<table id="active_sessions">
-						<thead>
-							<tr>
-								<th>IP Address</th>
-								<th>Delete</th>
-							</tr>
-						</thead>
-						<tbody>
-							{% for session in active_sessions %}
-							<tr>
-								<td>{{ session['ip_address'] }}</td>
-								<td><input aria-label="Delete {{ session['id'][:5] }}" id="session-{{ session['id'][:5] }}" name="session-{{ session['id'][:5] }}"  type="checkbox"></td>
-							</tr>
-							{% endfor %}
-						</tbody>
-					</table>
+					<form action="{{ request.app.router['delete_session'].url_for() }}" method="POST" enctype="application/x-www-form-urlencoded">
+						<table id="active_sessions">
+							<thead>
+								<tr>
+									<th>Session ID</th>
+									<th>IP Address</th>
+									<th>Delete</th>
+								</tr>
+							</thead>
+							<tbody>
+								{% for session in active_sessions %}
+								<tr>
+									<td><code>{{ session['id'][:5] }}...{{ session['id'][-5:] }}</code></td>
+									<td>{{ session['ip_address'] }}</td>
+									<td><input aria-label="Delete {{ session['id'][:5] }}...{{ session['id'][-5:] }}" id="session-{{ session['id'] }}" name="session-{{ session['id'] }}"  type="checkbox"></td>
+								</tr>
+								{% endfor %}
+							</tbody>
+						</table>
+						<input type="submit" value="Delete">
+					</form>
 				</article>
 			</section>
 		</main>