Path: blob/master/src/applications/auth/controller/PhabricatorAuthRevokeTokenController.php
12256 views
<?php12final class PhabricatorAuthRevokeTokenController3extends PhabricatorAuthController {45public function handleRequest(AphrontRequest $request) {6$viewer = $this->getViewer();7$id = $request->getURIData('id');89$is_all = ($id === 'all');1011$query = id(new PhabricatorAuthTemporaryTokenQuery())12->setViewer($viewer)13->withTokenResources(array($viewer->getPHID()));14if (!$is_all) {15$query->withIDs(array($id));16}1718$tokens = $query->execute();19foreach ($tokens as $key => $token) {20if (!$token->isRevocable()) {21// Don't revoke unrevocable tokens.22unset($tokens[$key]);23}24}2526$panel_uri = id(new PhabricatorTokensSettingsPanel())27->setViewer($viewer)28->setUser($viewer)29->getPanelURI();3031if (!$tokens) {32return $this->newDialog()33->setTitle(pht('No Matching Tokens'))34->appendParagraph(35pht('There are no matching tokens to revoke.'))36->appendParagraph(37pht(38'(Some types of token can not be revoked, and you can not revoke '.39'tokens which have already expired.)'))40->addCancelButton($panel_uri);41}4243if ($request->isDialogFormPost()) {44foreach ($tokens as $token) {45$token->revokeToken();46}47return id(new AphrontRedirectResponse())->setURI($panel_uri);48}4950if ($is_all) {51$title = pht('Revoke Tokens?');52$short = pht('Revoke Tokens');53$body = pht(54'Really revoke all tokens? Among other temporary authorizations, '.55'this will disable any outstanding password reset or account '.56'recovery links.');57} else {58$title = pht('Revoke Token?');59$short = pht('Revoke Token');60$body = pht(61'Really revoke this token? Any temporary authorization it enables '.62'will be disabled.');63}6465return $this->newDialog()66->setTitle($title)67->setShortTitle($short)68->appendParagraph($body)69->addSubmitButton(pht('Revoke'))70->addCancelButton($panel_uri);71}727374}757677