fixing session revocation on account info page

9 years ago · d002c3eb76
parent 0d90279463
commit d002c3eb76
2 changed files with 33 additions and 33 deletions
--- a/public/src/client/account/info.js
+++ b/public/src/client/account/info.js
@ -2,12 +2,13 @@
 /* globals define, socket, ajaxify, app */
-define('forum/account/info', ['forum/account/header'], function (header) {
+define('forum/account/info', ['forum/account/header', 'components'], function (header, components) {
 	var Info = {};
 	Info.init = function () {
 		header.init();
 		handleModerationNote();
 		prepareSessionRevoking();
 	};
 	function handleModerationNote() {
@ -22,5 +23,36 @@ define('forum/account/info', ['forum/account/header'], function (header) {
 		});
 	}
 	function prepareSessionRevoking() {
 		components.get('user/sessions').on('click', '[data-action]', function () {
 			var parentEl = $(this).parents('[data-uuid]');
 			var uuid = parentEl.attr('data-uuid');
 			if (uuid) {
 				// This is done via DELETE because a user shouldn't be able to
 				// revoke his own session! This is what logout is for
 				$.ajax({
 					url: config.relative_path + '/api/user/' + ajaxify.data.userslug + '/session/' + uuid,
 					method: 'delete',
 					headers: {
 						'x-csrf-token': config.csrf_token
 					}
 				}).done(function () {
 					parentEl.remove();
 				}).fail(function (err) {
 					try {
 						var errorObj = JSON.parse(err.responseText);
 						if (errorObj.loggedIn === false) {
 							window.location.href = config.relative_path + '/login?error=' + errorObj.title;
 						}
 						app.alertError(errorObj.title);
 					} catch (e) {
 						app.alertError('[[error:invalid-data]]');
 					}
 				});
 			}
 		});
 	}
 	return Info;
 });
--- a/public/src/client/account/settings.js
+++ b/public/src/client/account/settings.js
@ -43,7 +43,6 @@ define('forum/account/settings', ['forum/account/header', 'components', 'sounds'
 		toggleCustomRoute();
 		components.get('user/sessions').find('.timeago').timeago();
 		prepareSessionRevoking();
 	};
 	function loadSettings() {
@ -115,36 +114,5 @@ define('forum/account/settings', ['forum/account/header', 'components', 'sounds'
 		}
 	}
 	function prepareSessionRevoking() {
 		components.get('user/sessions').on('click', '[data-action]', function () {
 			var parentEl = $(this).parents('[data-uuid]');
 			var uuid = parentEl.attr('data-uuid');
 			if (uuid) {
 				// This is done via DELETE because a user shouldn't be able to
 				// revoke his own session! This is what logout is for
 				$.ajax({
 					url: config.relative_path + '/api/user/' + ajaxify.data.userslug + '/session/' + uuid,
 					method: 'delete',
 					headers: {
 						'x-csrf-token': config.csrf_token
 					}
 				}).done(function () {
 					parentEl.remove();
 				}).fail(function (err) {
 					try {
 						var errorObj = JSON.parse(err.responseText);
 						if (errorObj.loggedIn === false) {
 							window.location.href = config.relative_path + '/login?error=' + errorObj.title;
 						}
 						app.alertError(errorObj.title);
 					} catch (e) {
 						app.alertError('[[error:invalid-data]]');
 					}
 				});
 			}
 		});
 	}
 	return AccountSettings;
 });