v1.18.x
Julian Lam 7 years ago
parent 29836aaad9
commit c2c925cacd

@ -77,9 +77,9 @@
"nodebb-plugin-spam-be-gone": "0.5.4", "nodebb-plugin-spam-be-gone": "0.5.4",
"nodebb-rewards-essentials": "0.0.11", "nodebb-rewards-essentials": "0.0.11",
"nodebb-theme-lavender": "5.0.7", "nodebb-theme-lavender": "5.0.7",
"nodebb-theme-persona": "9.0.28", "nodebb-theme-persona": "9.0.29",
"nodebb-theme-slick": "1.2.9", "nodebb-theme-slick": "1.2.9",
"nodebb-theme-vanilla": "10.1.1", "nodebb-theme-vanilla": "10.1.2",
"nodebb-widget-essentials": "4.0.7", "nodebb-widget-essentials": "4.0.7",
"nodemailer": "^4.6.5", "nodemailer": "^4.6.5",
"passport": "^0.4.0", "passport": "^0.4.0",

@ -60,6 +60,7 @@
"account/best": "Best posts made by %1", "account/best": "Best posts made by %1",
"account/blocks": "Blocked users for %1", "account/blocks": "Blocked users for %1",
"account/uploads": "Uploads by %1", "account/uploads": "Uploads by %1",
"account/sessions": "Login Sessions",
"confirm": "Email Confirmed", "confirm": "Email Confirmed",

@ -169,6 +169,8 @@
"info.moderation-note.success": "Moderation note saved", "info.moderation-note.success": "Moderation note saved",
"info.moderation-note.add": "Add note", "info.moderation-note.add": "Add note",
"sessions.description": "This page allows you to view any active sessions on this forum and revoke them if necessary. You can revoke your own session by logging out of your account.",
"consent.title": "Your Rights & Consent", "consent.title": "Your Rights & Consent",
"consent.lead": "This community forum collects and processes your personal information.", "consent.lead": "This community forum collects and processes your personal information.",
"consent.intro": "We use this information strictly to personalise your experience in this community, as well as to associate the posts you make to your user account. During the registration step you were asked to provide a username and email address, you can also optionally provide additional information to complete your user profile on this website.<br /><br />We retain this information for the life of your user account, and you are able to withdraw consent at any time by deleting your account. At any time you may request a copy of your contribution to this website, via your Rights &amp; Consent page.<br /><br />If you have any questions or concerns, we encourage you to reach out to this forum's administrative team.", "consent.intro": "We use this information strictly to personalise your experience in this community, as well as to associate the posts you make to your user account. During the registration step you were asked to provide a username and email address, you can also optionally provide additional information to complete your user profile on this website.<br /><br />We retain this information for the life of your user account, and you are able to withdraw consent at any time by deleting your account. At any time you may request a copy of your contribution to this website, via your Rights &amp; Consent page.<br /><br />If you have any questions or concerns, we encourage you to reach out to this forum's administrative team.",

@ -1,13 +1,13 @@
'use strict'; 'use strict';
define('forum/account/info', ['forum/account/header', 'components'], function (header, components) { define('forum/account/info', ['forum/account/header', 'components', 'forum/account/sessions'], function (header, components, sessions) {
var Info = {}; var Info = {};
Info.init = function () { Info.init = function () {
header.init(); header.init();
handleModerationNote(); handleModerationNote();
prepareSessionRevoking(); sessions.prepareSessionRevocation();
}; };
function handleModerationNote() { function handleModerationNote() {
@ -34,36 +34,5 @@ define('forum/account/info', ['forum/account/header', 'components'], function (h
}); });
} }
function prepareSessionRevoking() {
components.get('user/sessions').on('click', '[data-action]', function () {
var parentEl = $(this).parents('[data-uuid]');
var uuid = parentEl.attr('data-uuid');
if (uuid) {
// This is done via DELETE because a user shouldn't be able to
// revoke his own session! This is what logout is for
$.ajax({
url: config.relative_path + '/api/user/' + ajaxify.data.userslug + '/session/' + uuid,
method: 'delete',
headers: {
'x-csrf-token': config.csrf_token,
},
}).done(function () {
parentEl.remove();
}).fail(function (err) {
try {
var errorObj = JSON.parse(err.responseText);
if (errorObj.loggedIn === false) {
window.location.href = config.relative_path + '/login?error=' + errorObj.title;
}
app.alertError(errorObj.title);
} catch (e) {
app.alertError('[[error:invalid-data]]');
}
});
}
});
}
return Info; return Info;
}); });

@ -0,0 +1,44 @@
'use strict';
define('forum/account/sessions', ['forum/account/header', 'components'], function (header, components) {
var Sessions = {};
Sessions.init = function () {
header.init();
Sessions.prepareSessionRevocation();
};
Sessions.prepareSessionRevocation = function () {
components.get('user/sessions').on('click', '[data-action]', function () {
var parentEl = $(this).parents('[data-uuid]');
var uuid = parentEl.attr('data-uuid');
if (uuid) {
// This is done via DELETE because a user shouldn't be able to
// revoke his own session! This is what logout is for
$.ajax({
url: config.relative_path + '/api/user/' + ajaxify.data.userslug + '/session/' + uuid,
method: 'delete',
headers: {
'x-csrf-token': config.csrf_token,
},
}).done(function () {
parentEl.remove();
}).fail(function (err) {
try {
var errorObj = JSON.parse(err.responseText);
if (errorObj.loggedIn === false) {
window.location.href = config.relative_path + '/login?error=' + errorObj.title;
}
app.alertError(errorObj.title);
} catch (e) {
app.alertError('[[error:invalid-data]]');
}
});
}
});
};
return Sessions;
});
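Review bot: In the `.fail` handler of `Sessions.prepareSessionRevocation`, `errorObj.title` comes from the response body and is appended to the login URL unencoded, so a title containing `&`, `#` or whitespace produces a truncated or altered query string; build it as `config.relative_path + '/login?error=' + encodeURIComponent(errorObj.title)`. The same branch falls through to `app.alertError(errorObj.title)` after assigning `window.location.href`, so add a `return;` after the redirect to skip the alert once the page is navigating away. The request URL is also built by concatenating `ajaxify.data.userslug` and `uuid`; wrapping `uuid` in `encodeURIComponent` costs nothing and keeps the path well-formed if the attribute ever holds unexpected characters.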

@ -65,6 +65,17 @@ helpers.getUserDataByUserSlug = function (userslug, callerUID, callback) {
globalMod: true, globalMod: true,
admin: true, admin: true,
}, },
}, {
id: 'sessions',
route: 'sessions',
name: '[[pages:account/sessions]]',
visibility: {
self: true,
other: false,
moderator: false,
globalMod: true,
admin: true,
},
}, { }, {
id: 'consent', id: 'consent',
route: 'consent', route: 'consent',

@ -4,9 +4,39 @@ var async = require('async');
var db = require('../../database'); var db = require('../../database');
var user = require('../../user'); var user = require('../../user');
var helpers = require('../helpers');
var accountHelpers = require('./helpers');
var sessionController = {}; var sessionController = {};
sessionController.get = function (req, res, callback) {
var userData;
async.waterfall([
function (next) {
accountHelpers.getUserDataByUserSlug(req.params.userslug, req.uid, next);
},
function (_userData, next) {
userData = _userData;
if (!userData) {
return callback();
}
async.parallel({
sessions: async.apply(user.auth.getSessions, userData.uid, req.sessionID),
}, next);
},
function (data) {
userData.sessions = data.sessions;
userData.title = '[[pages:account/sessions]]';
userData.breadcrumbs = helpers.buildBreadcrumbs([{ text: userData.username, url: '/user/' + userData.userslug }, { text: '[[pages:account/sessions]]' }]);
res.render('account/sessions', userData);
},
], callback);
};
sessionController.revoke = function (req, res, next) { sessionController.revoke = function (req, res, next) {
if (!req.params.hasOwnProperty('uuid')) { if (!req.params.hasOwnProperty('uuid')) {
return next(); return next();
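Review bot: `sessionController.get` hands `userData.uid` to `user.auth.getSessions` without checking in the controller that `req.uid` is the account owner or a privileged user. Access to another user's session list therefore rests entirely on `accountMiddlewares` in the `/user/:userslug/sessions` route registration, and that array is defined outside the visible hunks. The neighbouring DELETE route names `middleware.ensureSelfOrGlobalPrivilege` explicitly, so confirm the page route enforces the same rule (self, global moderator, admin). The `visibility` block added in the account helpers appears to control only whether the menu link is shown. A comment above the function such as `// Access control (self / global mod / admin) is enforced by accountMiddlewares on the route` would record that dependency; `sessionController.revoke` continues past the end of this hunk.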

@ -33,7 +33,7 @@ module.exports = function (app, middleware, controllers) {
setupPageRoute(app, '/user/:userslug/uploads', middleware, accountMiddlewares, controllers.accounts.uploads.get); setupPageRoute(app, '/user/:userslug/uploads', middleware, accountMiddlewares, controllers.accounts.uploads.get);
setupPageRoute(app, '/user/:userslug/consent', middleware, accountMiddlewares, controllers.accounts.consent.get); setupPageRoute(app, '/user/:userslug/consent', middleware, accountMiddlewares, controllers.accounts.consent.get);
setupPageRoute(app, '/user/:userslug/blocks', middleware, accountMiddlewares, controllers.accounts.blocks.getBlocks); setupPageRoute(app, '/user/:userslug/blocks', middleware, accountMiddlewares, controllers.accounts.blocks.getBlocks);
setupPageRoute(app, '/user/:userslug/sessions', middleware, accountMiddlewares, controllers.accounts.sessions.get);
app.delete('/api/user/:userslug/session/:uuid', [middleware.exposeUid, middleware.ensureSelfOrGlobalPrivilege], controllers.accounts.sessions.revoke); app.delete('/api/user/:userslug/session/:uuid', [middleware.exposeUid, middleware.ensureSelfOrGlobalPrivilege], controllers.accounts.sessions.revoke);
setupPageRoute(app, '/notifications', middleware, [middleware.authenticate], controllers.accounts.notifications.get); setupPageRoute(app, '/notifications', middleware, [middleware.authenticate], controllers.accounts.notifications.get);
