Jakach/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d7632748ab429cdcb977ef2b7f5ec18ae044ee3b
jakach-login/app-code/api/account/manage_sessions.php
T
janis d7632748ab
Deploy / deploy (push) Successful in 34s
Details
adding password strength meter and session ui
2026-05-07 23:51:33 +02:00

48 lines
1.6 KiB
PHP
Raw Blame History

<?php
include "../utils/security.php";
secure_session_start();
header('Content-Type: application/json');
require_logged_in();
include "../../config/config.php";
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
$user_id = $_SESSION['id'];
$method = $_SERVER['REQUEST_METHOD'];
if ($method === 'GET') {
$sql = "SELECT id, agent, auth_token FROM keepmeloggedin WHERE user_id = ? ORDER BY id DESC";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, 'i', $user_id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$sessions = [];
while ($row = mysqli_fetch_assoc($result)) {
$sessions[] = [
'id' => $row['id'],
'user_agent' => $row['agent'],
'auth_token' => substr($row['auth_token'], 0, 16) . '...'
];
}
mysqli_stmt_close($stmt);
echo json_encode(['success' => true, 'sessions' => $sessions]);
} elseif ($method === 'POST') {
require_csrf_token();
$input = json_decode(file_get_contents('php://input'), true);
$sql = "DELETE FROM keepmeloggedin WHERE user_id = ?";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, 'i', $user_id);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
delete_cookie("auth_token");
log_activity($conn, $user_id, 'sessions_revoked', 'All remembered sessions deleted');
echo json_encode(['success' => true, 'message' => 'All sessions revoked.']);
} else {
echo json_encode(['success' => false, 'message' => 'Invalid request method.'], 405);
}
?>
Reference in New Issue View Git Blame Copy Permalink