Class: Shakha::SessionController

Inherits:
ApplicationController
Includes:
Auditable
Defined in:
app/controllers/shakha/session_controller.rb

Instance Method Details

#check ⇒ Object



# File 'app/controllers/shakha/session_controller.rb', line 36

# Session probe for clients: answers 200 with status "active" when
# signed_in? is true, otherwise 401 with status "login_required" and
# reason "no_session". No session or user details are included either way.
def check
  return render(json: { status: "active" }) if signed_in?

  render json: { status: "login_required", reason: "no_session" }, status: :unauthorized
end

#destroy ⇒ Object



# File 'app/controllers/shakha/session_controller.rb', line 47

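# Signs the caller out: destroys the current session record (when there is
# one), deletes the shakha_session_token cookie, then redirects (HTML) or
# answers { status: "signed_out" } (JSON).
#
# The HTML redirect target is taken from the caller-supplied +return_to+
# parameter. It is honoured only when it is a local path; every other value
# falls back to "/", so a crafted sign-out link cannot bounce the browser to
# another host (open redirect).
def destroy
  current_session&.destroy
  cookies.delete(:shakha_session_token)

  # return_to is untrusted input. Accept it only when it is a String that
  # starts with exactly one "/" -- "//host" and "/\host" are resolved by
  # browsers as another origin -- and holds no control characters, which
  # browsers strip before resolving the URL.
  requested = params[:return_to]
  local_path = requested.is_a?(String) &&
               requested.valid_encoding? &&
               requested.match?(%r{\A/(?![/\\])}) &&
               !requested.match?(/[[:cntrl:]]/)
  target = local_path ? requested : "/"

  respond_to do |format|
    format.html { redirect_to target }
    format.json { render json: { status: "signed_out" } }
  end
end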

#index ⇒ Object



# File 'app/controllers/shakha/session_controller.rb', line 8

# Returns the signed-in user's active sessions as JSON, ordered by
# created_at descending, together with the token of the session making the
# request. Answers 401 with an error body when signed_in? is false.
#
# NOTE(review): +current_token+ and every list entry carry the full session
# token. If that value is what the shakha_session_token cookie holds
# (confirm), any single session -- or script running in its page -- can read
# the credentials of all of the user's other sessions. #revoke looks records
# up by +id+, so the token is not needed to manage them; consider omitting
# or truncating it. Left as-is here because API consumers may read the field.
def index
  unless signed_in?
    return render(json: { error: "Authentication required" }, status: :unauthorized)
  end

  active_sessions = current_user.sessions.active.order(created_at: :desc)
  active_token = current_session.token

  entries = active_sessions.map do |entry|
    {
      id: entry.id,
      token: entry.token,
      created_at: entry.created_at.iso8601,
      expires_at: entry.expires_at.iso8601,
      # Flags the row that belongs to the session making this request.
      current: entry.token == active_token
    }
  end

  render json: { current_token: active_token, sessions: entries }
end

#list ⇒ Object



# File 'app/controllers/shakha/session_controller.rb', line 57

# HTML counterpart of the session listing: loads the signed-in user's
# active sessions (created_at descending) into @sessions and the current
# session's token into @current_token. Callers that are not signed in are
# redirected to "/auth/shakha" and nothing is loaded.
#
# NOTE(review): @current_token hands the raw token to whatever renders after
# this action -- presumably only to mark the current row; confirm the
# template compares it and never writes it into the page.
def list
  if signed_in?
    @sessions = current_user.sessions.active.order(created_at: :desc)
    @current_token = current_session&.token
  else
    redirect_to "/auth/shakha"
  end
end

#revoke ⇒ Object



# File 'app/controllers/shakha/session_controller.rb', line 64

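# Revokes one of the signed-in user's sessions, selected by params[:id].
#
# Answers 401 when signed_in? is false. On success the record is destroyed,
# the shakha_session_token cookie is dropped if the revoked session is the
# one making the request, the revocation is passed to log_session_revoked,
# and { status: "revoked" } is returned. When the record cannot be destroyed
# the action answers 422 and neither clears the cookie nor logs.
def revoke
  return render json: { error: "Authentication required" }, status: :unauthorized unless signed_in?

  # The lookup goes through current_user.sessions, so an id that belongs to
  # another user's session is not matched. The local is not called `session`
  # to avoid shadowing the controller's own session helper.
  revoked = current_user.sessions.find(params[:id])

  # destroy returns false when the record was not removed (presumably
  # ActiveRecord: a halted callback). Reporting and auditing "revoked" in
  # that case would leave a live session the user believes is gone.
  unless revoked.destroy
    return render json: { error: "Session could not be revoked" }, status: :unprocessable_entity
  end

  cookies.delete(:shakha_session_token) if revoked.token == current_session&.token

  log_session_revoked(revoked)

  render json: { status: "revoked" }
end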

#show ⇒ Object



# File 'app/controllers/shakha/session_controller.rb', line 27

# Renders the current user's pairwise subject id, email and name plus the
# current session's expiry (ISO 8601) as JSON.
#
# NOTE(review): unlike #index and #revoke there is no signed_in? guard here;
# with no user or session every field is nil and the response is still a
# normal render. Confirm that is intended rather than a missing 401.
def show
  user = current_user

  profile = {
    user_id: user&.pairwise_sub,
    email: user&.email,
    name: user&.name,
    expires_at: current_session&.expires_at&.iso8601
  }

  render json: profile
end