bagas/filekeeper
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix unauthorized session termination (#30)

Browse Source
This commit is contained in:
Bagas Aulia Rezki
2024-06-20 22:35:30 +07:00
parent fd2a7d110a
commit f63c4f7928
3 changed files with 41 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
handler/user/session/terminate/terminate.go
View File

@ -11,10 +11,14 @@ func DELETE(w http.ResponseWriter, r *http.Request) {
_, mySession, _ := session.GetSession(r)
otherSession, _ := session.Get(id)
if session.GetSessionInfo(mySession.Email, otherSession.ID) == nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
otherSession.Delete()
session.RemoveSessionInfo(mySession.Email, otherSession.ID)
component := userView.SessionTable(session.GetSessions(mySession.Email))
err := component.Render(r.Context(), w)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)