Add admin button to clear all login sessions.

2022-11-07 17:51:02 -08:00 · 2022-11-07 17:51:02 -08:00 · 11706cc1c7
commit 11706cc1c7
parent ba99b43bc7
4 changed files with 36 additions and 0 deletions
--- a/frontends/etiquette_flask/backend/endpoints/admin_endpoints.py
+++ b/frontends/etiquette_flask/backend/endpoints/admin_endpoints.py
@ -35,6 +35,14 @@ def get_dbdump():
    }
    return flask.Response(binary, headers=outgoing_headers)

+@site.route('/admin/clear_sessions', methods=['POST'])
+def post_clear_sessions():
+    if not request.is_localhost:
+        return flasktools.json_response({}, status=403)
+
+    session_manager.clear()
+    return flasktools.json_response({})
+
@site.route('/admin/reload_config', methods=['POST'])
 def post_reload_config():
    if not request.is_localhost:
--- a/frontends/etiquette_flask/backend/sessions.py
+++ b/frontends/etiquette_flask/backend/sessions.py
@ -37,6 +37,9 @@ class SessionManager:
    def add(self, session):
        self.sessions[session.token] = session

+    def clear(self):
+        self.sessions.clear()
+
    def get(self, request):
        token = _normalize_token(request)
        session = self.sessions[token]
--- a/frontends/etiquette_flask/static/js/api.js
+++ b/frontends/etiquette_flask/static/js/api.js
@ -3,6 +3,15 @@ const api = {};
 /**************************************************************************************************/
 api.admin = {};

+api.admin.clear_sessions =
+function clear_sessions(callback)
+{
+    return http.post({
+        url: "/admin/clear_sessions",
+        callback: callback,
+    });
+}
+
 api.admin.reload_config =
 function reload_config(callback)
 {
--- a/frontends/etiquette_flask/templates/admin.html
+++ b/frontends/etiquette_flask/templates/admin.html
@ -25,6 +25,7 @@
        <h1>Admin tools</h1>
        <p><button id="reload_config_button" class="green_button" onclick="return reload_config_form();">Reload config file</button></p>
        <p><button id="uncache_button" class="green_button" onclick="return uncache_form();">Uncache objects</button></p>
+        <p><button id="clear_sessions_button" class="green_button" onclick="return clear_sessions_form();">Clear login sessions</button></p>
        <p><a href="/admin/dbdownload">Download database file</a></p>
    </div>
 </div>
@ -32,6 +33,21 @@


 <script type="text/javascript">
+function clear_sessions_form()
+{
+    const reload_config_button = document.getElementById("clear_sessions_button");
+    clear_sessions_button.disabled = true;
+    function callback(response)
+    {
+        clear_sessions_button.disabled = false;
+        if (response.meta.status !== 200)
+        {
+            alert(JSON.stringify(response));
+        }
+    }
+    return api.admin.clear_sessions(callback);
+}
+
 function reload_config_form()
 {
    const reload_config_button = document.getElementById("reload_config_button");