src/applications/auth/controller/PhabricatorAuthRevokeTokenController.php at upstream/main

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork atom

phorge / src / applications / auth / controller / PhabricatorAuthRevokeTokenController.php

at upstream/main 75 lines 2.1 kB view raw

wrap content

epriestley Clean up redirect URIs for "Temporary Tokens" and "API Tokens" settings panels 9y ago

ec8581ab

 1<?php
 2
 3final class PhabricatorAuthRevokeTokenController
 4  extends PhabricatorAuthController {
 5
 6  public function handleRequest(AphrontRequest $request) {
 7    $viewer = $this->getViewer();
 8    $id = $request->getURIData('id');
 9
10    $is_all = ($id === 'all');
11
12    $query = id(new PhabricatorAuthTemporaryTokenQuery())
13      ->setViewer($viewer)
14      ->withTokenResources(array($viewer->getPHID()));
15    if (!$is_all) {
16      $query->withIDs(array($id));
17    }
18
19    $tokens = $query->execute();
20    foreach ($tokens as $key => $token) {
21      if (!$token->isRevocable()) {
22        // Don't revoke unrevocable tokens.
23        unset($tokens[$key]);
24      }
25    }
26
27    $panel_uri = id(new PhabricatorTokensSettingsPanel())
28      ->setViewer($viewer)
29      ->setUser($viewer)
30      ->getPanelURI();
31
32    if (!$tokens) {
33      return $this->newDialog()
34        ->setTitle(pht('No Matching Tokens'))
35        ->appendParagraph(
36          pht('There are no matching tokens to revoke.'))
37        ->appendParagraph(
38          pht(
39            '(Some types of token can not be revoked, and you can not revoke '.
40            'tokens which have already expired.)'))
41        ->addCancelButton($panel_uri);
42    }
43
44    if ($request->isDialogFormPost()) {
45      foreach ($tokens as $token) {
46        $token->revokeToken();
47      }
48      return id(new AphrontRedirectResponse())->setURI($panel_uri);
49    }
50
51    if ($is_all) {
52      $title = pht('Revoke Tokens?');
53      $short = pht('Revoke Tokens');
54      $body = pht(
55        'Really revoke all tokens? Among other temporary authorizations, '.
56        'this will disable any outstanding password reset or account '.
57        'recovery links.');
58    } else {
59      $title = pht('Revoke Token?');
60      $short = pht('Revoke Token');
61      $body = pht(
62        'Really revoke this token? Any temporary authorization it enables '.
63        'will be disabled.');
64    }
65
66    return $this->newDialog()
67      ->setTitle($title)
68      ->setShortTitle($short)
69      ->appendParagraph($body)
70      ->addSubmitButton(pht('Revoke'))
71      ->addCancelButton($panel_uri);
72  }
73
74
75}