add a "Force logout" button to the user settings

8 files changed, 112 insertions, 33 deletions

diff --git a/fietsboek/locale/de/LC_MESSAGES/messages.mo b/fietsboek/locale/de/LC_MESSAGES/messages.mo
index e6dd1c6..f2bf3ea 100644
--- a/fietsboek/locale/de/LC_MESSAGES/messages.mo
+++ b/fietsboek/locale/de/LC_MESSAGES/messages.mo
diff --git a/fietsboek/locale/de/LC_MESSAGES/messages.po b/fietsboek/locale/de/LC_MESSAGES/messages.po
index b34e849..69723be 100644
--- a/fietsboek/locale/de/LC_MESSAGES/messages.po
+++ b/fietsboek/locale/de/LC_MESSAGES/messages.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PROJECT VERSION\n"
 "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2023-08-17 22:51+0200\n"
+"POT-Creation-Date: 2023-09-14 20:05+0200\n"
 "PO-Revision-Date: 2022-07-02 17:35+0200\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language: de\n"
@@ -753,22 +753,37 @@ msgid "page.my_profile.personal_data.save"
 msgstr "Speichern"
 
 #: fietsboek/templates/user_data.jinja2:38
+msgid "page.my_profile.session_logout.title"
+msgstr "Sitzungen abmelden"
+
+#: fietsboek/templates/user_data.jinja2:40
+msgid "page.my_profile.session_logout.explanation"
+msgstr ""
+"Mit dieser Funktion können alle Sitzungen beendet werden. Dies ist nützlich, "
+"wenn Du vergessen hast, dich auf einem fremden Gerät abzumelden. Beachte, dass "
+"Du dich erneut anmelden musst, wenn Du diese Funktion nutzt!"
+
+#: fietsboek/templates/user_data.jinja2:44
+msgid "page.my_profile.session_logout.button"
+msgstr "Alle Sitzungen beenden"
+
+#: fietsboek/templates/user_data.jinja2:49
 msgid "page.my_profile.friends"
 msgstr "Freunde"
 
-#: fietsboek/templates/user_data.jinja2:46
+#: fietsboek/templates/user_data.jinja2:57
 msgid "page.my_profile.unfriend"
 msgstr "Entfreunden"
 
-#: fietsboek/templates/user_data.jinja2:56
+#: fietsboek/templates/user_data.jinja2:67
 msgid "page.my_profile.accept_friend"
 msgstr "Annehmen"
 
-#: fietsboek/templates/user_data.jinja2:73
+#: fietsboek/templates/user_data.jinja2:84
 msgid "page.my_profile.friend_request_email"
 msgstr "E-Mail-Adresse des Freundes"
 
-#: fietsboek/templates/user_data.jinja2:77
+#: fietsboek/templates/user_data.jinja2:88
 msgid "page.my_profile.send_friend_request"
 msgstr "Freundschaftsanfrage senden"
 
@@ -808,7 +823,7 @@ msgstr "Ungültiger Name"
 msgid "flash.invalid_email"
 msgstr "Ungültige E-Mail-Adresse"
 
-#: fietsboek/views/account.py:67
+#: fietsboek/views/account.py:68
 msgid "flash.a_confirmation_link_has_been_sent"
 msgstr "Ein Bestätigungslink wurde versandt"
 
@@ -900,23 +915,27 @@ msgstr "Hochladen erfolgreich"
 msgid "flash.upload_cancelled"
 msgstr "Hochladen abgebrochen"
 
-#: fietsboek/views/user_data.py:61
+#: fietsboek/views/user_data.py:66
 msgid "flash.personal_data_updated"
 msgstr "Persönliche Daten wurden gespeichert"
 
-#: fietsboek/views/user_data.py:79
+#: fietsboek/views/user_data.py:85
 msgid "flash.friend_not_found"
 msgstr "Das angegebene Konto wurde nicht gefunden"
 
-#: fietsboek/views/user_data.py:85
+#: fietsboek/views/user_data.py:91
 msgid "flash.friend_already_exists"
 msgstr "Dieser Freund existiert bereits"
 
-#: fietsboek/views/user_data.py:93
+#: fietsboek/views/user_data.py:99
 msgid "flash.friend_added"
 msgstr "Freund hinzugefügt"
 
-#: fietsboek/views/user_data.py:103
+#: fietsboek/views/user_data.py:109
 msgid "flash.friend_request_sent"
 msgstr "Freundschaftsanfrage gesendet"
 
+#: fietsboek/views/user_data.py:195
+msgid "flash.sessions_logged_out"
+msgstr "Die Sitzungen wurden beendet. Melde Dich bitte erneut an, um fortzufahren."
+
diff --git a/fietsboek/locale/en/LC_MESSAGES/messages.mo b/fietsboek/locale/en/LC_MESSAGES/messages.mo
index 56137c1..da23e31 100644
--- a/fietsboek/locale/en/LC_MESSAGES/messages.mo
+++ b/fietsboek/locale/en/LC_MESSAGES/messages.mo
diff --git a/fietsboek/locale/en/LC_MESSAGES/messages.po b/fietsboek/locale/en/LC_MESSAGES/messages.po
index c1ff29e..45b15cc 100644
--- a/fietsboek/locale/en/LC_MESSAGES/messages.po
+++ b/fietsboek/locale/en/LC_MESSAGES/messages.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PROJECT VERSION\n"
 "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2023-08-17 22:51+0200\n"
+"POT-Creation-Date: 2023-09-14 20:05+0200\n"
 "PO-Revision-Date: 2023-04-03 20:42+0200\n"
 "Last-Translator: \n"
 "Language: en\n"
@@ -747,22 +747,37 @@ msgid "page.my_profile.personal_data.save"
 msgstr "Save"
 
 #: fietsboek/templates/user_data.jinja2:38
+msgid "page.my_profile.session_logout.title"
+msgstr "Invalidate sessions"
+
+#: fietsboek/templates/user_data.jinja2:40
+msgid "page.my_profile.session_logout.explanation"
+msgstr ""
+"With this functionality, you can force all of your current sessions "
+"to be logged out. This is useful when you forgot to log out on a foreign "
+"device. Note that you will have to log in again after using this function."
+
+#: fietsboek/templates/user_data.jinja2:44
+msgid "page.my_profile.session_logout.button"
+msgstr "Close all sessions"
+
+#: fietsboek/templates/user_data.jinja2:49
 msgid "page.my_profile.friends"
 msgstr "Friends"
 
-#: fietsboek/templates/user_data.jinja2:46
+#: fietsboek/templates/user_data.jinja2:57
 msgid "page.my_profile.unfriend"
 msgstr "Unfriend"
 
-#: fietsboek/templates/user_data.jinja2:56
+#: fietsboek/templates/user_data.jinja2:67
 msgid "page.my_profile.accept_friend"
 msgstr "Accept"
 
-#: fietsboek/templates/user_data.jinja2:73
+#: fietsboek/templates/user_data.jinja2:84
 msgid "page.my_profile.friend_request_email"
 msgstr "Email of the friend"
 
-#: fietsboek/templates/user_data.jinja2:77
+#: fietsboek/templates/user_data.jinja2:88
 msgid "page.my_profile.send_friend_request"
 msgstr "Send friend request"
 
@@ -798,7 +813,7 @@ msgstr "Invalid name"
 msgid "flash.invalid_email"
 msgstr "Invalid email"
 
-#: fietsboek/views/account.py:67
+#: fietsboek/views/account.py:68
 msgid "flash.a_confirmation_link_has_been_sent"
 msgstr "A confirmation link has been sent"
 
@@ -889,23 +904,27 @@ msgstr "Upload successful"
 msgid "flash.upload_cancelled"
 msgstr "Upload cancelled"
 
-#: fietsboek/views/user_data.py:61
+#: fietsboek/views/user_data.py:66
 msgid "flash.personal_data_updated"
 msgstr "Personal data has been updated"
 
-#: fietsboek/views/user_data.py:79
+#: fietsboek/views/user_data.py:85
 msgid "flash.friend_not_found"
 msgstr "The friend was not found"
 
-#: fietsboek/views/user_data.py:85
+#: fietsboek/views/user_data.py:91
 msgid "flash.friend_already_exists"
 msgstr "Friend already exists"
 
-#: fietsboek/views/user_data.py:93
+#: fietsboek/views/user_data.py:99
 msgid "flash.friend_added"
 msgstr "Friend has been added"
 
-#: fietsboek/views/user_data.py:103
+#: fietsboek/views/user_data.py:109
 msgid "flash.friend_request_sent"
 msgstr "Friend request sent"
 
+#: fietsboek/views/user_data.py:195
+msgid "flash.sessions_logged_out"
+msgstr "All sessions have been logged out. Please log in again to continue."
+
diff --git a/fietsboek/locale/fietslog.pot b/fietsboek/locale/fietslog.pot
index ed93194..b87785e 100644
--- a/fietsboek/locale/fietslog.pot
+++ b/fietsboek/locale/fietslog.pot
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PROJECT VERSION\n"
 "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2023-08-17 22:51+0200\n"
+"POT-Creation-Date: 2023-09-14 20:05+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -739,22 +739,34 @@ msgid "page.my_profile.personal_data.save"
 msgstr ""
 
 #: fietsboek/templates/user_data.jinja2:38
+msgid "page.my_profile.session_logout.title"
+msgstr ""
+
+#: fietsboek/templates/user_data.jinja2:40
+msgid "page.my_profile.session_logout.explanation"
+msgstr ""
+
+#: fietsboek/templates/user_data.jinja2:44
+msgid "page.my_profile.session_logout.button"
+msgstr ""
+
+#: fietsboek/templates/user_data.jinja2:49
 msgid "page.my_profile.friends"
 msgstr ""
 
-#: fietsboek/templates/user_data.jinja2:46
+#: fietsboek/templates/user_data.jinja2:57
 msgid "page.my_profile.unfriend"
 msgstr ""
 
-#: fietsboek/templates/user_data.jinja2:56
+#: fietsboek/templates/user_data.jinja2:67
 msgid "page.my_profile.accept_friend"
 msgstr ""
 
-#: fietsboek/templates/user_data.jinja2:73
+#: fietsboek/templates/user_data.jinja2:84
 msgid "page.my_profile.friend_request_email"
 msgstr ""
 
-#: fietsboek/templates/user_data.jinja2:77
+#: fietsboek/templates/user_data.jinja2:88
 msgid "page.my_profile.send_friend_request"
 msgstr ""
 
@@ -790,7 +802,7 @@ msgstr ""
 msgid "flash.invalid_email"
 msgstr ""
 
-#: fietsboek/views/account.py:67
+#: fietsboek/views/account.py:68
 msgid "flash.a_confirmation_link_has_been_sent"
 msgstr ""
 
@@ -878,23 +890,27 @@ msgstr ""
 msgid "flash.upload_cancelled"
 msgstr ""
 
-#: fietsboek/views/user_data.py:61
+#: fietsboek/views/user_data.py:66
 msgid "flash.personal_data_updated"
 msgstr ""
 
-#: fietsboek/views/user_data.py:79
+#: fietsboek/views/user_data.py:85
 msgid "flash.friend_not_found"
 msgstr ""
 
-#: fietsboek/views/user_data.py:85
+#: fietsboek/views/user_data.py:91
 msgid "flash.friend_already_exists"
 msgstr ""
 
-#: fietsboek/views/user_data.py:93
+#: fietsboek/views/user_data.py:99
 msgid "flash.friend_added"
 msgstr ""
 
-#: fietsboek/views/user_data.py:103
+#: fietsboek/views/user_data.py:109
 msgid "flash.friend_request_sent"
 msgstr ""
 
+#: fietsboek/views/user_data.py:195
+msgid "flash.sessions_logged_out"
+msgstr ""
+
diff --git a/fietsboek/routes.py b/fietsboek/routes.py
index 36233e6..480094c 100644
--- a/fietsboek/routes.py
+++ b/fietsboek/routes.py
@@ -60,6 +60,7 @@ def includeme(config):
     config.add_route("accept-friend", "/me/accept-friend")
     config.add_route("json-friends", "/me/friends.json")
     config.add_route("toggle-favourite", "/me/toggle-favourite")
+    config.add_route("force-logout", "/me/force-logout")
 
     config.add_route("profile", "/user/{user_id}", factory="fietsboek.models.User.factory")
     config.add_route(
diff --git a/fietsboek/templates/user_data.jinja2 b/fietsboek/templates/user_data.jinja2
index 15588e8..59124ea 100644
--- a/fietsboek/templates/user_data.jinja2
+++ b/fietsboek/templates/user_data.jinja2
@@ -35,6 +35,17 @@
 
   <hr>
 
+  <h2>{{ _("page.my_profile.session_logout.title") }}</h2>
+
+  <p>{{ _("page.my_profile.session_logout.explanation") }}</p>
+
+  <form method="POST" action="{{ request.route_path('force-logout') }}">
+    {{ util.hidden_csrf_input() }}
+    <button type="submit" class="btn btn-danger"><i class="bi bi-shield-lock-fill"></i> {{ _("page.my_profile.session_logout.button") }}</button>
+  </form>
+
+  <hr>
+
   <h2>{{ _("page.my_profile.friends") }}</h2>
 
   <ul class="list-group">
diff --git a/fietsboek/views/user_data.py b/fietsboek/views/user_data.py
index 2f6daef..66c2075 100644
--- a/fietsboek/views/user_data.py
+++ b/fietsboek/views/user_data.py
@@ -4,6 +4,7 @@ import datetime
 from pyramid.httpexceptions import HTTPForbidden, HTTPFound, HTTPNotFound
 from pyramid.i18n import TranslationString as _
 from pyramid.request import Request
+from pyramid.response import Response
 from pyramid.security import remember
 from pyramid.view import view_config
 from sqlalchemy import select
@@ -181,3 +182,15 @@ def do_toggle_favourite(request: Request) -> dict:
         return HTTPNotFound()
     request.identity.toggle_favourite(track)
     return {"favourite": request.identity in track.favourees}
+
+
+@view_config(route_name="force-logout", permission="user", request_method="POST")
+def do_force_logout(request: Request) -> Response:
+    """Forces all sessions to be logged out.
+
+    :param request: The Pyramid request.
+    :return: The HTTP response.
+    """
+    request.identity.roll_session_secret()
+    request.session.flash(request.localizer.translate(_("flash.sessions_logged_out")))
+    return HTTPFound(request.route_url("login"))