sinvo/docmost
1
0
Fork 0
mirror of https://github.com/docmost/docmost.git synced 2026-05-07 06:23:06 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
803f1f0b81b7d4450a9240e92558969633295c0b
docmost/apps/server/src/core/session/session.controller.ts
T
Philip Okugbe 803f1f0b81 feat: user session management (#2056) 
* user session management

* WIP

* cleanup

* license

* cleanup

* don't cache index

* rename current device property

* fix
2026-03-26 20:00:04 +00:00

81 lines
2.1 KiB
TypeScript
Raw Blame History

import {
BadRequestException,
Body,
Controller,
HttpCode,
HttpStatus,
Post,
Req,
UseGuards,
} from '@nestjs/common';
import { SessionService } from './session.service';
import { JwtAuthGuard } from '../../common/guards/jwt-auth.guard';
import { AuthUser } from '../../common/decorators/auth-user.decorator';
import { AuthWorkspace } from '../../common/decorators/auth-workspace.decorator';
import { User, Workspace } from '@docmost/db/types/entity.types';
import { RevokeSessionDto } from './dto/revoke-session.dto';
import { FastifyRequest } from 'fastify';
@UseGuards(JwtAuthGuard)
@Controller('sessions')
export class SessionController {
constructor(private readonly sessionService: SessionService) {}
@HttpCode(HttpStatus.OK)
@Post()
async listSessions(
@AuthUser() user: User,
@AuthWorkspace() workspace: Workspace,
@Req() req: FastifyRequest,
) {
const currentSessionId = (req.raw as any).sessionId ?? null;
const sessions = await this.sessionService.getActiveSessions(
user.id,
workspace.id,
currentSessionId,
);
return { sessions };
}
@HttpCode(HttpStatus.OK)
@Post('revoke')
async revokeSession(
@Body() dto: RevokeSessionDto,
@AuthUser() user: User,
@AuthWorkspace() workspace: Workspace,
@Req() req: FastifyRequest,
) {
const currentSessionId = (req.raw as any).sessionId;
if (dto.sessionId === currentSessionId) {
throw new BadRequestException(
'Cannot revoke current session. Use logout instead.',
);
}
await this.sessionService.revokeSession(
dto.sessionId,
user.id,
workspace.id,
);
}
@HttpCode(HttpStatus.OK)
@Post('revoke-all')
async revokeAllSessions(
@AuthUser() user: User,
@AuthWorkspace() workspace: Workspace,
@Req() req: FastifyRequest,
) {
const currentSessionId = (req.raw as any).sessionId;
if (!currentSessionId) {
throw new BadRequestException(
'Current session not found. Please log in again.',
);
}
await this.sessionService.revokeAllOtherSessions(
currentSessionId,
user.id,
workspace.id,
);
}
}
Reference in New Issue View Git Blame Copy Permalink