diff options
author | Vitaly Takmazov | 2024-01-21 16:06:54 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2024-01-21 16:08:30 +0300 |
commit | 4bca09435335528bbce1e8f4579fbaa9d6150ed1 (patch) | |
tree | de78023db8b2278607bdee135b935582997dfef8 | |
parent | 8c00749401b0c2544b438b5f9b8a77a447400b0a (diff) |
Delete login hash on logout
-rw-r--r-- | src/main/java/com/juick/config/SecurityConfig.java | 14 | ||||
-rw-r--r-- | src/main/java/com/juick/service/UserService.java | 2 | ||||
-rw-r--r-- | src/main/java/com/juick/service/UserServiceImpl.java | 6 |
3 files changed, 20 insertions, 2 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java index c557ab4e..030cdcc2 100644 --- a/src/main/java/com/juick/config/SecurityConfig.java +++ b/src/main/java/com/juick/config/SecurityConfig.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2023, Juick + * Copyright (C) 2008-2024, Juick * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -19,7 +19,6 @@ package com.juick.config; import com.juick.ActivityPubManager; import com.juick.KeystoreManager; -import com.juick.service.ActivityPubService; import com.juick.service.UserService; import com.juick.service.security.HTTPSignatureAuthenticationFilter; import com.juick.service.security.HashParamAuthenticationFilter; @@ -42,6 +41,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.oauth2.jwt.JwtDecoder; import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository; @@ -268,6 +268,16 @@ public class SecurityConfig { .invalidateHttpSession(true) .clearAuthentication(true) .logoutSuccessUrl("/login") + .addLogoutHandler((request, response, authentication) -> { + var auth = SecurityContextHolder.getContext().getAuthentication(); + if (auth != null) { + var principal = auth.getPrincipal(); + if (principal instanceof JuickUser) { + var user = ((JuickUser) principal).getUser(); + userService.logout(user.getUid()); + } + } + }) .deleteCookies("hash", COOKIE_NAME)) .formLogin(form -> form.loginPage("/login") .usernameParameter("username") diff --git a/src/main/java/com/juick/service/UserService.java b/src/main/java/com/juick/service/UserService.java index 9313bba9..6f7cb58f 100644 --- a/src/main/java/com/juick/service/UserService.java +++ b/src/main/java/com/juick/service/UserService.java @@ -122,6 +122,8 @@ public interface UserService { List<String> getEmails(User user); + void logout(int uid); + boolean deleteJID(int uid, String jid); boolean unauthJID(int uid, String jid); diff --git a/src/main/java/com/juick/service/UserServiceImpl.java b/src/main/java/com/juick/service/UserServiceImpl.java index 2f03c5bf..812a4e8b 100644 --- a/src/main/java/com/juick/service/UserServiceImpl.java +++ b/src/main/java/com/juick/service/UserServiceImpl.java @@ -596,6 +596,12 @@ public class UserServiceImpl extends BaseJdbcService implements UserService { @Transactional @Override + public void logout(int uid) { + getJdbcTemplate().update("DELETE FROM logins WHERE user_id=?", uid); + } + + @Transactional + @Override public boolean deleteJID(int uid, String jid) { return getNamedParameterJdbcTemplate().update("DELETE FROM jids " + "WHERE (SELECT COUNT(*) cnt FROM (select user_id, jid FROM jids j) c WHERE user_id=:uid) > 1 " + |