authorGravatar Vitaly Takmazov2024-01-21 16:06:54 +0300
committerGravatar Vitaly Takmazov2024-01-21 16:08:30 +0300
commit4bca09435335528bbce1e8f4579fbaa9d6150ed1 (patch)
treede78023db8b2278607bdee135b935582997dfef8 /src
parent8c00749401b0c2544b438b5f9b8a77a447400b0a (diff)
Delete login hash on logout
Diffstat (limited to 'src')
-rw-r--r--src/main/java/com/juick/config/SecurityConfig.java14
-rw-r--r--src/main/java/com/juick/service/UserService.java2
-rw-r--r--src/main/java/com/juick/service/UserServiceImpl.java6
3 files changed, 20 insertions, 2 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java
index c557ab4e6..030cdcc21 100644
--- a/src/main/java/com/juick/config/SecurityConfig.java
+++ b/src/main/java/com/juick/config/SecurityConfig.java
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2023, Juick
+ * Copyright (C) 2008-2024, Juick
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -19,7 +19,6 @@ package com.juick.config;
import com.juick.ActivityPubManager;
import com.juick.KeystoreManager;
-import com.juick.service.ActivityPubService;
import com.juick.service.UserService;
import com.juick.service.security.HTTPSignatureAuthenticationFilter;
import com.juick.service.security.HashParamAuthenticationFilter;
@@ -42,6 +41,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
@@ -268,6 +268,16 @@ public class SecurityConfig {
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutSuccessUrl("/login")
+ .addLogoutHandler((request, response, authentication) -> {
+ var auth = SecurityContextHolder.getContext().getAuthentication();
+ if (auth != null) {
+ var principal = auth.getPrincipal();
+ if (principal instanceof JuickUser) {
+ var user = ((JuickUser) principal).getUser();
+ userService.logout(user.getUid());
+ }
+ }
+ })
.deleteCookies("hash", COOKIE_NAME))
.formLogin(form -> form.loginPage("/login")
.usernameParameter("username")
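Review bot: The new logout handler ignores the `authentication` argument that `LogoutHandler` already hands it and instead re-reads the static `SecurityContextHolder`, which only works because Spring runs custom handlers before the `SecurityContextLogoutHandler` that `clearAuthentication(true)` registers; the parameter is the supported way to get the principal and avoids that ordering dependency. The lambda body can shrink to `if (authentication != null && authentication.getPrincipal() instanceof JuickUser) { userService.logout(((JuickUser) authentication.getPrincipal()).getUser().getUid()); }`. Note also that `userService.logout(uid)` deletes every `logins` row for the user, so if that table holds one hash per device or session, a single logout appears to revoke all of them rather than just the `hash` cookie being deleted on the next line — worth a comment stating that this is intended. If the delete throws (e.g. the database is unavailable), the exception propagates out of the logout filter before the session-invalidating handler runs, so consider whether a failed hash revocation should still let the HTTP session be invalidated. The enclosing `logout(...)` configurer call and the security filter-chain method begin and end outside this hunk.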
diff --git a/src/main/java/com/juick/service/UserService.java b/src/main/java/com/juick/service/UserService.java
index 9313bba90..6f7cb58f4 100644
--- a/src/main/java/com/juick/service/UserService.java
+++ b/src/main/java/com/juick/service/UserService.java
@@ -122,6 +122,8 @@ public interface UserService {
List<String> getEmails(User user);
+ void logout(int uid);
+
boolean deleteJID(int uid, String jid);
boolean unauthJID(int uid, String jid);
diff --git a/src/main/java/com/juick/service/UserServiceImpl.java b/src/main/java/com/juick/service/UserServiceImpl.java
index 2f03c5bf8..812a4e8b3 100644
--- a/src/main/java/com/juick/service/UserServiceImpl.java
+++ b/src/main/java/com/juick/service/UserServiceImpl.java
@@ -596,6 +596,12 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
@Transactional
@Override
+ public void logout(int uid) {
+ getJdbcTemplate().update("DELETE FROM logins WHERE user_id=?", uid);
+ }
+
+ @Transactional
+ @Override
public boolean deleteJID(int uid, String jid) {
return getNamedParameterJdbcTemplate().update("DELETE FROM jids " +
"WHERE (SELECT COUNT(*) cnt FROM (select user_id, jid FROM jids j) c WHERE user_id=:uid) > 1 " +