diff options
author | Joram Wilander <jwawilander@gmail.com> | 2017-10-04 11:04:17 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-10-04 11:04:17 -0400 |
commit | affd35071ea155069979fd359726296de8aa6aaf (patch) | |
tree | d6810c7a9356ceb3ff5bbb293f1b8756906d1d45 /api4/user.go | |
parent | 3e144f82e29e566b3cf1615c19b4ddc6dc7e4694 (diff) | |
download | chat-affd35071ea155069979fd359726296de8aa6aaf.tar.gz chat-affd35071ea155069979fd359726296de8aa6aaf.tar.bz2 chat-affd35071ea155069979fd359726296de8aa6aaf.zip |
Updates to session revoking in v4 (#7565)
Diffstat (limited to 'api4/user.go')
-rw-r--r-- | api4/user.go | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/api4/user.go b/api4/user.go index 97f79cf6f..e46ded670 100644 --- a/api4/user.go +++ b/api4/user.go @@ -926,7 +926,19 @@ func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) { return } - if err := c.App.RevokeSessionById(sessionId); err != nil { + var session *model.Session + var err *model.AppError + if session, err = c.App.GetSessionById(sessionId); err != nil { + c.Err = err + return + } + + if session.UserId != c.Params.UserId { + c.SetInvalidUrlParam("user_id") + return + } + + if err := c.App.RevokeSession(session); err != nil { c.Err = err return } |