Move sessions into their own view for easier management

2025-11-04 15:19:39 +11:00
parent ef15db77f9
commit 19bfc21f11
15 changed files with 210 additions and 147 deletions
--- a/app/controllers/active_sessions_controller.rb
+++ b/app/controllers/active_sessions_controller.rb
@@ -0,0 +1,35 @@
+class ActiveSessionsController < ApplicationController
+  def show
+    @user = Current.session.user
+    @active_sessions = @user.sessions.active.order(last_activity_at: :desc)
+    @connected_applications = @user.oidc_user_consents.includes(:application).order(granted_at: :desc)
+  end
+
+  def revoke_consent
+    @user = Current.session.user
+    application = Application.find(params[:application_id])
+
+    # Check if user has consent for this application
+    consent = @user.oidc_user_consents.find_by(application: application)
+    unless consent
+      redirect_to active_sessions_path, alert: "No consent found for this application."
+      return
+    end
+
+    # Revoke the consent
+    consent.destroy
+    redirect_to active_sessions_path, notice: "Successfully revoked access to #{application.name}."
+  end
+
+  def revoke_all_consents
+    @user = Current.session.user
+    count = @user.oidc_user_consents.count
+
+    if count > 0
+      @user.oidc_user_consents.destroy_all
+      redirect_to active_sessions_path, notice: "Successfully revoked access to #{count} applications."
+    else
+      redirect_to active_sessions_path, alert: "No applications to revoke."
+    end
+  end
+end
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -76,7 +76,7 @@ module Admin
    end

    def user_params
-      params.require(:user).permit(:email_address, :password, :admin, :status, custom_claims: {})
+      params.require(:user).permit(:email_address, :name, :password, :admin, :status, custom_claims: {})
    end
  end
 end
--- a/app/controllers/oidc_controller.rb
+++ b/app/controllers/oidc_controller.rb
@@ -291,7 +291,7 @@ class OidcController < ApplicationController
      email: user.email_address,
      email_verified: true,
      preferred_username: user.email_address,
-      name: user.email_address
+      name: user.name.presence || user.email_address
    }

    # Add groups if user has any
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -1,8 +1,6 @@
 class ProfilesController < ApplicationController
  def show
    @user = Current.session.user
-    @active_sessions = @user.sessions.active.order(last_activity_at: :desc)
-    @connected_applications = @user.oidc_user_consents.includes(:application).order(granted_at: :desc)
  end

  def update
@@ -12,7 +10,6 @@ class ProfilesController < ApplicationController
      # Updating password - requires current password
      unless @user.authenticate(params[:user][:current_password])
        @user.errors.add(:current_password, "is incorrect")
-        @active_sessions = @user.sessions.active.order(last_activity_at: :desc)
        render :show, status: :unprocessable_entity
        return
      end
@@ -20,7 +17,6 @@ class ProfilesController < ApplicationController
      if @user.update(password_params)
        redirect_to profile_path, notice: "Password updated successfully."
      else
-        @active_sessions = @user.sessions.active.order(last_activity_at: :desc)
        render :show, status: :unprocessable_entity
      end
    else
@@ -28,40 +24,11 @@ class ProfilesController < ApplicationController
      if @user.update(email_params)
        redirect_to profile_path, notice: "Email updated successfully."
      else
-        @active_sessions = @user.sessions.active.order(last_activity_at: :desc)
        render :show, status: :unprocessable_entity
      end
    end
  end

-  def revoke_consent
-    @user = Current.session.user
-    application = Application.find(params[:application_id])
-
-    # Check if user has consent for this application
-    consent = @user.oidc_user_consents.find_by(application: application)
-    unless consent
-      redirect_to profile_path, alert: "No consent found for this application."
-      return
-    end
-
-    # Revoke the consent
-    consent.destroy
-    redirect_to profile_path, notice: "Successfully revoked access to #{application.name}."
-  end
-
-  def revoke_all_consents
-    @user = Current.session.user
-    count = @user.oidc_user_consents.count
-
-    if count > 0
-      @user.oidc_user_consents.destroy_all
-      redirect_to profile_path, notice: "Successfully revoked access to #{count} applications."
-    else
-      redirect_to profile_path, alert: "No applications to revoke."
-    end
-  end
-
  private

  def email_params
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -115,7 +115,7 @@ class SessionsController < ApplicationController
  def destroy_other
    session = Current.session.user.sessions.find(params[:id])
    session.destroy
-    redirect_to profile_path, notice: "Session revoked successfully."
+    redirect_to active_sessions_path, notice: "Session revoked successfully."
  end

  private