feat(Sessions/List): Use SessionsListForm to show user sessions

Rhilip · Aug 12, 2019 · 9ecfb97 · 9ecfb97
1 parent f36884e
commit 9ecfb97
Show file tree

Hide file tree

Showing 6 changed files with 115 additions and 50 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,9 @@
 <a name="unreleased"></a>
 ## [Unreleased]
 
+### Build
+- **Validator:** Upgrade siriusphp/validation to 2.3 (eb039eb)
+
 ### Docs
 - **template:** Add git commit hash in `CHANGELOG.md` (76bc527)
 

diff --git a/apps/components/Auth.php b/apps/components/Auth.php
@@ -19,6 +19,8 @@ class Auth extends Component
     protected $cur_user;
     protected $cur_user_session_id;
 
+    protected $grant;
+
     public function onRequestBefore()
     {
         parent::onRequestBefore(); // TODO: Change the autogenerated stub
@@ -35,19 +37,22 @@ public function onRequestBefore()
     public function getCurUser($grant = 'cookies', $flush = false)
     {
         if (is_null($this->cur_user) || $flush) {
+            $this->grant = $grant;
             $this->cur_user = $this->loadCurUser($grant);
         }
         return $this->cur_user;
     }
 
-    /**
-     * @return mixed
-     */
-    public function getCurUserSessionId()
+    public function getCurUserSessionId(): string
     {
         return $this->cur_user_session_id ?? '';
     }
 
+    public function getGrant(): string
+    {
+        return $this->grant ?? '';
+    }
+
     /**
      * @param string $grant
      * @return models\User|boolean

diff --git a/apps/controllers/UserController.php b/apps/controllers/UserController.php
@@ -80,8 +80,8 @@ public function actionPanel()
     public function actionSessions()
     {
         if (app()->request->isPost()) {
-            $action = app()->request->post('action');
-            if ($action == 'delsession') {
+            $action = app()->request->post('action');  // FIXME
+            if ($action == 'revoke') {
                 $to_del_session = app()->request->post('session');
 
                 // expired it from Database first
@@ -100,7 +100,7 @@ public function actionSessions()
 
         $session_list = new User\SessionsListForm();
         if (false === $session_list->validate()) {
-            return $this->render('action/action_fail',['msg' => $session_list->getError()]);
+            return $this->render('action/action_fail', ['msg' => $session_list->getError()]);
         }
 
         return $this->render('user/sessions', ['session_list' => $session_list]);

diff --git a/apps/models/form/User/SessionsListForm.php b/apps/models/form/User/SessionsListForm.php
@@ -13,22 +13,54 @@
 
 class SessionsListForm extends Pager
 {
+    public $uid;
+    public $expired = [-1, 0]; // Default not show expired session
+
+    public static $DEFAULT_LIMIT = 10;
+    public static $MAX_LIMIT = 50;
+
     protected $_autoload_data = true;
     protected $_autoload_data_from = ['get'];
 
-    protected function getRemoteTotal(): int
+    public static function defaultData()
     {
-        return app()->pdo->createCommand('SELECT COUNT(`id`) FROM `user_session_log` WHERE uid = :uid')->bindParams([
+        return [
+            'page' => static::getDefaultPage(), 'limit' => static::getDefaultLimit(),
             'uid' => app()->auth->getCurUser()->getId()
+        ];
+    }
+
+    public static function inputRules()
+    {
+        $rules = [
+            'expired[*]' => [
+                ['Integer'],
+                ['Inlist', ['list' => [-1 /* Never Expired */, 0 /* Temporary */, 1 /* Expired */]]]
+            ]
+        ];
+
+        // TODO allow admin to see other people session log
+        $rules['uid'] = ['Integer', ['Equal', ['value' => app()->auth->getCurUser()->getId()]]];
+
+        return $rules;
+    }
+
+    protected function getRemoteTotal(): int
+    {
+        var_dump($this->getData('expired'));
+        return app()->pdo->createCommand([
+            ['SELECT COUNT(`id`) FROM `user_session_log` WHERE uid = :uid ', 'params' => ['uid' => $this->getData('uid')]],
+            ['AND `expired` IN (:expired)', 'params' => ['expired' => $this->getData('expired')]],
         ])->queryScalar();
     }
 
     protected function getRemoteData(): array
     {
         return app()->pdo->createCommand([
-            ['SELECT `id`, `sid`, `login_at`, `login_ip`, `user_agent`, `last_access_at` FROM `user_session_log` WHERE 1=1 '],
-            ['AND uid = :uid ' , 'params' => ['uid' => app()->auth->getCurUser()->getId()]],
-            ['ORDER BY `expired` DESC, `id` DESC'],
+            ['SELECT `id`, `sid`, `login_at`, `login_ip`, `user_agent`, `last_access_at`, `expired` FROM `user_session_log` WHERE 1=1 '],
+            ['AND `uid` = :uid ', 'params' => ['uid' => app()->auth->getCurUser()->getId()]],
+            ['AND `expired` IN (:expired)', 'params' => ['expired' => $this->expired]],
+            ['ORDER BY `expired`, `id` DESC'],
             ['LIMIT :o, :l', 'params' => ['o' => $this->offset, 'l' => $this->limit]]
         ])->queryAll();
     }

diff --git a/apps/models/form/User/UserDetailsForm.php b/apps/models/form/User/UserDetailsForm.php
@@ -0,0 +1,15 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: Rhilip
+ * Date: 8/12/2019
+ * Time: 2019
+ */
+
+namespace apps\models\form\User;
+
+
+class UserDetailsForm
+{
+    // TODO
+}
diff --git a/apps/views/user/sessions.php b/apps/views/user/sessions.php
@@ -12,42 +12,52 @@
 <?= $this->layout('user/setting_layout') ?>
 
 <?php $this->start('panel') ?>
-<h1>Sessions</h1>
-This is a list of devices that have logged into your account. Revoke any sessions that you do not recognize.
-<br>
-<table class="table table-hover table-striped">
-    <thead>
-    <tr>
-        <td class="text-center">Login At</td>
-        <td class="text-center">Login IP</td>
-        <td class="text-center">User Agent</td>
-        <td class="text-center nowrap">Last access at</td>
-        <td class="text-center">Revoke</td>
-    </tr>
-    </thead>
-    <tbody>
-    <?php foreach ($session_list->getPagerData() as $s): ?>
-        <tr>
-            <td class="text-center nowrap"><?= $s['login_at'] ?></td>
-            <td class="text-center"><?= inet_ntop($s['login_ip']) ?></td>
-            <td class="text-left"><?= $s['user_agent'] ?></td>
-            <td class="text-center" data-timestamp="<?= strtotime($s['last_access_at']) ?>"><?= $s['last_access_at'] ?></td>
-            <td class="text-center">
-                <?php if ($s['sid'] == app()->auth->getCurUserSessionId()): ?>
-                    Current
-                <?php else: ?>
-                    <form method="post">
-                        <input type="hidden" name="action" value="delsession"/>
-                        <input type="hidden" name="session" value="<?= $s['sid'] ?>"/>
-                        <button class="btn btn-default" type="submit"
-                                onclick="return confirm('Are you sure you want to delete this session?');">
-                            <i class="far fa-trash-alt"></i>
-                        </button>
-                    </form>
-                <?php endif; ?>
-            </td>
-        </tr>
-    <?php endforeach; ?>
-    </tbody>
-</table>
+<div class="row">
+    <div class="col-md-12">
+        <h1>Sessions</h1>
+        This is a list of devices that have logged into your account. Revoke any sessions that you do not recognize.
+    </div>
+    <div class="col-md-12">
+        <table class="table table-hover table-striped">
+            <thead>
+            <tr>
+                <td class="text-center">Login At</td>
+                <td class="text-center">Login IP</td>
+                <td class="text-center">User Agent</td>
+                <td class="text-center nowrap">Last access at</td>
+                <td class="text-center">Revoke</td>
+            </tr>
+            </thead>
+            <tbody>
+            <?php foreach ($session_list->getPagerData() as $s): ?>
+                <tr<?php if ($s['expired'] == 0):?> class="warning" data-toggle="tooltip" data-placement="bottom" title="This session will expired automatically."<?php endif;?>>
+                    <td class="text-center nowrap"><?= $s['login_at'] ?></td>
+                    <td class="text-center"><?= inet_ntop($s['login_ip']) ?></td>
+                    <td class="text-left"><?= $s['user_agent'] ?></td>
+                    <td class="text-center" data-timestamp="<?= strtotime($s['last_access_at']) ?>"><?= $s['last_access_at'] ?></td>
+                    <td class="text-center">
+                        <?php if ($s['sid'] == app()->auth->getCurUserSessionId()): ?>
+                            Current
+                        <?php else: ?>
+                            <form method="post">
+                                <input type="hidden" name="action" value="revoke"/>
+                                <input type="hidden" name="session" value="<?= $s['sid'] ?>"/>
+                                <button class="btn btn-default" type="submit"
+                                        onclick="return confirm('Are you sure you want to delete this session?');">
+                                    <i class="far fa-trash-alt"></i>
+                                </button>
+                            </form>
+                        <?php endif; ?>
+                    </td>
+                </tr>
+            <?php endforeach; ?>
+            </tbody>
+        </table>
+
+        <div class="text-center">
+            <ul class="pager pager-unset-margin" data-ride="remote_pager" data-rec-total="<?= $session_list->getTotal() ?>" data-rec-per-page="<?= $session_list->getLimit() ?>"></ul>
+        </div>
+    </div>
+</div>
+
 <?php $this->stop() ?>