salix/back/methods/vn-token/killSession.js

module.exports = Self => {
    Self.remoteMethodCtx('killSession', {
        description: 'Kill session',
        accepts: [{
            arg: 'userId',
            type: 'integer',
            description: 'The user id',
            required: true,
        }, {
            arg: 'created',
            type: 'date',
            description: 'The created time',
            required: true,
        }],
        accessType: 'WRITE',
        http: {
            path: `/killSession`,
            verb: 'POST'
        }
    });

    Self.killSession = async function(ctx, userId, created) {
        await Self.app.models.VnUser.userSecurity(ctx, ctx.req.accessToken.userId);
        const tokens = await Self.app.models.AccessToken.find({where: {userId, created}});
        if (!tokens?.length) return;
        for (const token of tokens)
            await Self.app.models.AccessToken.deleteById(token.id);
    };
};
feat(AccessToken&ACL): refs #7547 upgrade security 2024-06-21 12:28:55 +00:00			`module.exports = Self => {`
			`Self.remoteMethodCtx('killSession', {`
			`description: 'Kill session',`
			`accepts: [{`
			`arg: 'userId',`
			`type: 'integer',`
			`description: 'The user id',`
			`required: true,`
			`}, {`
			`arg: 'created',`
			`type: 'date',`
			`description: 'The created time',`
			`required: true,`
			`}],`
			`accessType: 'WRITE',`
			`http: {`
			path: `/killSession`,
			`verb: 'POST'`
			`}`
			`});`

			`Self.killSession = async function(ctx, userId, created) {`
			`await Self.app.models.VnUser.userSecurity(ctx, ctx.req.accessToken.userId);`
			`const tokens = await Self.app.models.AccessToken.find({where: {userId, created}});`
			`if (!tokens?.length) return;`
			`for (const token of tokens)`
			`await Self.app.models.AccessToken.deleteById(token.id);`
			`};`
			`};`