Added ability to logout from all other sessions in CP

2025-07-20 17:46:03 +02:00 · 2025-02-11 11:58:50 +02:00 · 2025-02-11 11:58:50 +02:00 · 276cbb1c0d
commit 276cbb1c0d
parent 37b9d0ad9e
5 changed files with 63 additions and 3 deletions
--- a/cp/app/Controllers/ProfileController.php
+++ b/cp/app/Controllers/ProfileController.php
@ -7,6 +7,7 @@ use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Container\ContainerInterface;
 use RobThree\Auth\TwoFactorAuth;
 use RobThree\Auth\Providers\Qr\BaconQrCodeProvider;
+use App\Auth\Auth;

 class ProfileController extends Controller
 {
@ -235,4 +236,34 @@ class ProfileController extends Controller
        }
    }

+    public function logoutEverywhereElse(Request $request, Response $response)
+    {
+        global $container;
+        $db = $container->get('db');
+        
+        $currentDateTime = new \DateTime();
+        $currentDate = $currentDateTime->format('Y-m-d H:i:s.v'); // Current timestamp
+        $db->insert(
+            'users_audit',
+            [
+                'user_id' => $_SESSION['auth_user_id'],
+                'user_event' => 'user.logout.everywhere',
+                'user_resource' => 'control.panel',
+                'user_agent' => $_SERVER['HTTP_USER_AGENT'],
+                'user_ip' => get_client_ip(),
+                'user_location' => get_client_location(),
+                'event_time' => $currentDate,
+                'user_data' => json_encode([
+                    'remaining_session_id' => session_id(),
+                    'logged_out_sessions' => 'All other sessions terminated',
+                    'previous_ip' => $_SESSION['previous_ip'] ?? null,
+                    'previous_user_agent' => $_SESSION['previous_user_agent'] ?? null,
+                    'timestamp' => $currentDate,
+                ])
+            ]
+        );
+
+        Auth::logoutEverywhereElse();
+    }
+
 }