[server] Add API to terminate userSession

2025-08-08 07:28:26 +00:00 · 2024-10-22 10:16:52 +05:30 · 2024-10-22 10:16:52 +05:30 · 4dc2d277d2
commit 4dc2d277d2
parent 92478ecb9c
4 changed files with 25 additions and 0 deletions
--- a/server/cmd/museum/main.go
+++ b/server/cmd/museum/main.go
@ -651,6 +651,7 @@ func main() {
 	adminAPI.POST("/user/disable-passkeys", adminHandler.RemovePasskeys)
 	adminAPI.POST("/user/update-email-mfa", adminHandler.UpdateEmailMFA)
 	adminAPI.POST("/user/add-ott", adminHandler.AddOtt)
+	adminAPI.POST("/user/terminate-session", adminHandler.TerminateSession)
 	adminAPI.POST("/user/close-family", adminHandler.CloseFamily)
 	adminAPI.PUT("/user/change-email", adminHandler.ChangeEmail)
 	adminAPI.DELETE("/user/delete", adminHandler.DeleteUser)
--- a/server/ente/admin.go
+++ b/server/ente/admin.go
@ -31,6 +31,11 @@ type AdminOttReq struct {
 	ExpiryTime int64  `json:"expiryTime" binding:"required"`
 }

+type LogoutSessionReq struct {
+	Token  string `json:"token" binding:"required"`
+	UserID int64  `json:"userID" binding:"required"`
+}
+
 func (a AdminOttReq) Validate() error {
 	if !a.App.IsValid() {
 		return errors.New("invalid app")
--- a/server/pkg/api/admin.go
+++ b/server/pkg/api/admin.go
@ -343,6 +343,22 @@ func (h *AdminHandler) AddOtt(c *gin.Context) {
 	c.JSON(http.StatusOK, gin.H{})
 }

+func (h *AdminHandler) TerminateSession(c *gin.Context) {
+	var request ente.LogoutSessionReq
+	if err := c.ShouldBindJSON(&request); err != nil {
+		handler.Error(c, stacktrace.Propagate(ente.ErrBadRequest, "Bad request"))
+		return
+	}
+	go h.DiscordController.NotifyAdminAction(
+		fmt.Sprintf("Admin (%d) terminating session for user %d", auth.GetUserID(c.Request.Header), request.UserID))
+	err := h.UserController.TerminateSession(request.UserID, request.Token)
+	if err != nil {
+		handler.Error(c, stacktrace.Propagate(err, ""))
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{})
+}
+
 func (h *AdminHandler) UpdateFeatureFlag(c *gin.Context) {
 	var request ente.AdminUpdateKeyValueRequest
 	if err := c.ShouldBindJSON(&request); err != nil {
--- a/server/pkg/middleware/request_logger.go
+++ b/server/pkg/middleware/request_logger.go
@ -41,6 +41,9 @@ func shouldSkipBodyLog(method string, path string) bool {
 	if path == "/files/data" && method == "PUT" {
 		return true
 	}
+	if path == "/admin/user/terminate-session" {
+		return true
+	}
 	return false
 }