Add ability to logout all tokens from company

2025-11-04 04:07:32 -05:00 · 2021-04-27 09:34:35 +10:00 · 2021-04-27 09:34:35 +10:00 · 1bcfa1b19d
commit 1bcfa1b19d
parent 7a141f2631
6 changed files with 104 additions and 1 deletions
--- a/app/Http/Controllers/LogoutController.php
+++ b/app/Http/Controllers/LogoutController.php
@ -0,0 +1,70 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://opensource.org/licenses/AAL
+ */
+
+namespace App\Http\Controllers;
+
+use App\Models\CompanyToken;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Symfony\Component\HttpFoundation\StreamedResponse;
+use stdClass;
+
+class LogoutController extends BaseController
+{
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * @OA\Post(
+     *      path="/api/v1/logout",
+     *      operationId="getLogout",
+     *      tags={"logout"},
+     *      summary="Gets a list of logout",
+     *      description="Lists all logout",
+     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
+     *      @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
+     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
+     *      @OA\Parameter(ref="#/components/parameters/include"),
+     *      @OA\Parameter(ref="#/components/parameters/index"),
+     *      @OA\Response(
+     *          response=200,
+     *          description="Success message",
+     *          @OA\Header(header="X-MINIMUM-CLIENT-VERSION", ref="#/components/headers/X-MINIMUM-CLIENT-VERSION"),
+     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
+     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
+     *       ),
+     *       @OA\Response(
+     *          response=422,
+     *          description="Validation error",
+     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
+     *       ),
+     *       @OA\Response(
+     *           response="default",
+     *           description="Unexpected Error",
+     *           @OA\JsonContent(ref="#/components/schemas/Error"),
+     *       ),
+     *     )
+     * @param Request $request
+     * @return Response|mixed
+     */
+    public function index(Request $request)
+    {
+        CompanyToken::whereRaw('BINARY `token`= ?', [$request->header('X-API-TOKEN')])
+                    ->company
+                    ->tokens()
+                    ->forceDelete();
+
+        return response()->json(['message' => 'logged out.'], 200);
+    }
+
+}
--- a/app/Libraries/MultiDB.php
+++ b/app/Libraries/MultiDB.php
@ -16,6 +16,7 @@ use App\Models\ClientContact;
 use App\Models\Company;
 use App\Models\CompanyToken;
 use App\Models\User;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Str;

 /**
@ -293,10 +294,16 @@ class MultiDB
    {
        /* This will set the database connection for the request */
        config(['database.default' => $database]);
+
+        DB::purge($database);
+        DB::reconnect($database);
    }

    public static function setDefaultDatabase()
    {
        config(['database.default' => config('ninja.db.default')]);
+
+        DB::purge(config('ninja.db.default'));
+        DB::reconnect(config('ninja.db.default'));
    }
 }
--- a/app/Models/Task.php
+++ b/app/Models/Task.php
@ -74,6 +74,11 @@ class Task extends BaseModel
        return $this->belongsTo(Client::class);
    }

+    public function status()
+    {
+        return $this->belongsTo(TaskStatus::class);
+    }
+
    public function invoice()
    {
        return $this->belongsTo(Invoice::class);
--- a/app/Repositories/TaskRepository.php
+++ b/app/Repositories/TaskRepository.php
@ -22,6 +22,7 @@ class TaskRepository extends BaseRepository
 {
    use GeneratesCounter;

+    public $new_task = true;

    /**
     * Saves the task and its contacts.
@ -33,10 +34,15 @@ class TaskRepository extends BaseRepository
     */
    public function save(array $data, Task $task) : ?Task
    {
+        if($task->id)
+            $this->new_task = false;

        $task->fill($data);
        $task->save();

+        if($this->new_task && !$task->status_id)
+            $this->setDefaultStatus($task);
+
        $task->number = empty($task->number) || !array_key_exists('number', $data) ? $this->getNextTaskNumber($task) : $data['number'];

        if (isset($data['description'])) {
@ -103,6 +109,19 @@ class TaskRepository extends BaseRepository

    }

+    private function setDefaultStatus(Task $task)
+    {
+        $first_status = $task->company->task_statuses()
+                              ->whereNull('deleted_at')
+                              ->orderBy('id','asc')
+                              ->first();
+
+        if($first_status)
+            return $first_status->id;
+
+        return null;
+    }
+
    /**
     * Sorts the task status order IF the old status has changed between requests
     *     
--- a/config/ninja.php
+++ b/config/ninja.php
@ -54,7 +54,7 @@ return [

    'db' => [
        'multi_db_enabled' => env('MULTI_DB_ENABLED', false),
-        'default' => env('DB_CONNECTION', 'mysql'),
+        'default' => env('DB_CONNECTION', 'db-ninja-01'),
    ],

    'i18n' => [
--- a/routes/api.php
+++ b/routes/api.php
@ -91,6 +91,8 @@ Route::group(['middleware' => ['api_db', 'token_auth', 'locale'], 'prefix' => 'a
    Route::get('invoice/{invitation_key}/download', 'InvoiceController@downloadPdf')->name('invoices.downloadPdf');
    Route::post('invoices/bulk', 'InvoiceController@bulk')->name('invoices.bulk');
    
+    Route::post('logout', 'LogoutController@index')->name('logout');
+
    Route::post('migrate', 'MigrationController@index')->name('migrate.start');

    Route::post('migration/purge/{company}', 'MigrationController@purgeCompany')->middleware('password_protected');