From 11706cc1c7630580bdd405b58506a2ac71ae628e Mon Sep 17 00:00:00 2001
From: Ethan Dalool
Date: Mon, 7 Nov 2022 17:51:02 -0800
Subject: [PATCH] Add admin button to clear all login sessions.
---
 .../backend/endpoints/admin_endpoints.py | 8 ++++++++
 frontends/etiquette_flask/backend/sessions.py | 3 +++
 frontends/etiquette_flask/static/js/api.js | 9 +++++++++
 frontends/etiquette_flask/templates/admin.html | 16 ++++++++++++++++
 4 files changed, 36 insertions(+)
diff --git a/frontends/etiquette_flask/backend/endpoints/admin_endpoints.py b/frontends/etiquette_flask/backend/endpoints/admin_endpoints.py
index 49f604e..72b2d56 100644
--- a/frontends/etiquette_flask/backend/endpoints/admin_endpoints.py
+++ b/frontends/etiquette_flask/backend/endpoints/admin_endpoints.py
@@ -35,6 +35,14 @@ def get_dbdump():
 }
 return flask.Response(binary, headers=outgoing_headers)
 
+@site.route('/admin/clear_sessions', methods=['POST'])
+def post_clear_sessions():
+ if not request.is_localhost:
+ return flasktools.json_response({}, status=403)
+
+ session_manager.clear()
+ return flasktools.json_response({})
+
 @site.route('/admin/reload_config', methods=['POST'])
 def post_reload_config():
 if not request.is_localhost:
diff --git a/frontends/etiquette_flask/backend/sessions.py b/frontends/etiquette_flask/backend/sessions.py
index bf1cddd..e5b6f0c 100644
--- a/frontends/etiquette_flask/backend/sessions.py
+++ b/frontends/etiquette_flask/backend/sessions.py
@@ -37,6 +37,9 @@ class SessionManager:
 def add(self, session):
 self.sessions[session.token] = session
 
+ def clear(self):
+ self.sessions.clear()
+
 def get(self, request):
 token = _normalize_token(request)
 session = self.sessions[token]
diff --git a/frontends/etiquette_flask/static/js/api.js b/frontends/etiquette_flask/static/js/api.js
index 5fbbd14..e70eb72 100644
--- a/frontends/etiquette_flask/static/js/api.js
+++ b/frontends/etiquette_flask/static/js/api.js
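Review bot: `post_clear_sessions` in admin_endpoints.py authorises a site-wide logout on `request.is_localhost` alone, with no check that the caller holds an admin session. How `is_localhost` is derived is not visible in this hunk; if the app ever sits behind a reverse proxy on the same host, or the property trusts a forwarded-address header, every client would pass this test, and a cross-site form POST from a browser running on the server machine would pass it as well. I would state the assumption above the check, e.g. `# Authorised by source address only: is_localhost must reflect the real peer address, not a proxy or forwarded header.`, and log each successful clear so an unexpected mass logout can be traced. The same pattern appears in `post_reload_config` in the context lines, whose body continues outside the hunk.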
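Review bot: `SessionManager.clear` in sessions.py has no docstring saying that it revokes every token at once, including the caller's own session if there is one. After it runs, the `self.sessions[token]` lookup in `get` (context line) no longer finds previously valid tokens; whether that lookup failure is handled is outside the hunk. A one-line docstring would do: `"""Drop all stored sessions; every existing token stops resolving immediately."""`.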
@@ -3,6 +3,15 @@ const api = {};
 /**************************************************************************************************/
 api.admin = {};
 
+api.admin.clear_sessions =
+function clear_sessions(callback)
+{
+ return http.post({
+ url: "/admin/clear_sessions",
+ callback: callback,
+ });
+}
+
 api.admin.reload_config =
 function reload_config(callback)
 {
diff --git a/frontends/etiquette_flask/templates/admin.html b/frontends/etiquette_flask/templates/admin.html
index f1cdd39..df18985 100644
--- a/frontends/etiquette_flask/templates/admin.html
+++ b/frontends/etiquette_flask/templates/admin.html
@@ -25,6 +25,7 @@
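Review bot: `api.admin.clear_sessions` in api.js has no comment telling callers that the endpoint can refuse the request. The server side added in this commit answers 403 with an empty JSON body when the request is not from localhost, so the `callback` has to inspect the response status rather than assume the sessions were cleared. Suggested comment above the function: `// POST /admin/clear_sessions; the server returns 403 unless called from localhost, so check the response status in callback.`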

Admin tools

+

Download database file

@@ -32,6 +33,21 @@