session management

2025-09-13 18:13:26 +00:00 · 2023-10-28 18:34:32 +02:00
parent 94e1f9ebe1
commit 8f503b9c5a
13 changed files with 448 additions and 13 deletions
--- a/src/routes/auth/session.ts
+++ b/src/routes/auth/session.ts
@@ -0,0 +1,30 @@
+import { Session } from '@/db/models/Session';
+import { StatusError } from '@/services/error';
+import { handle } from '@/services/handler';
+import { makeRouter } from '@/services/router';
+import { z } from 'zod';
+
+export const sessionRouter = makeRouter((app) => {
+  app.delete(
+    '/auth/session/:sid',
+    {
+      schema: {
+        params: z.object({
+          sid: z.string(),
+        }),
+      },
+    },
+    handle(async ({ auth, params, em }) => {
+      auth.assert();
+
+      const targetedSession = await em.findOne(Session, { id: params.sid });
+      if (!targetedSession) return true; // already deleted
+
+      if (targetedSession.user !== auth.user.id)
+        throw new StatusError('Cant delete sessions you dont own', 401);
+
+      await em.removeAndFlush(targetedSession);
+      return true;
+    }),
+  );
+});