30 lines
913 B
JavaScript
30 lines
913 B
JavaScript
module.exports = Self => {
|
|
Self.remoteMethodCtx('killSession', {
|
|
description: 'Kill session',
|
|
accepts: [{
|
|
arg: 'userId',
|
|
type: 'integer',
|
|
description: 'The user id',
|
|
required: true,
|
|
}, {
|
|
arg: 'created',
|
|
type: 'date',
|
|
description: 'The created time',
|
|
required: true,
|
|
}],
|
|
accessType: 'WRITE',
|
|
http: {
|
|
path: `/killSession`,
|
|
verb: 'POST'
|
|
}
|
|
});
|
|
|
|
Self.killSession = async function(ctx, userId, created) {
|
|
await Self.app.models.VnUser.userSecurity(ctx, ctx.req.accessToken.userId);
|
|
const tokens = await Self.app.models.AccessToken.find({where: {userId, created}});
|
|
if (!tokens?.length) return;
|
|
for (const token of tokens)
|
|
await Self.app.models.AccessToken.deleteById(token.id);
|
|
};
|
|
};
|