OpenSlides · hjanott · Dec 5, 2024 · Nov 29, 2024 · Nov 29, 2024 · Nov 29, 2024
diff --git a/auth/libraries/pip-auth/authlib/auth_handler.py b/auth/libraries/pip-auth/authlib/auth_handler.py
@@ -79,3 +79,6 @@ def verify_authorization_token(self, authorization_token: str) -> Tuple[int, str
 
     def clear_all_sessions(self, access_token: str, refresh_id: str) -> None:
         return self.session_handler.clear_all_sessions(access_token, refresh_id)
+
+    def clear_sessions_by_user_id(self, user_id: int) -> None:
+        return self.session_handler.clear_sessions_by_user_id(user_id)
diff --git a/auth/libraries/pip-auth/authlib/session_handler.py b/auth/libraries/pip-auth/authlib/session_handler.py
@@ -61,3 +61,12 @@ def clear_all_sessions(self, token: str, cookie: str) -> None:
         )
         if response.status_code != 200:
             raise AuthenticateException("Failed to clear all sessions")
+
+    def clear_sessions_by_user_id(self, user_id: int) -> None:
+        response = self.http_handler.send_internal_request(
+            "clear-sessions-by-user-id", {"userId": user_id}
+        )
+        if response.status_code != 200:
+            raise AuthenticateException(
+                f"Failed to clear all sessions of user {user_id}."
+            )
diff --git a/auth/src/express/controllers/private-controller.ts b/auth/src/express/controllers/private-controller.ts
@@ -5,6 +5,7 @@ import { Body, OnPost, Res, RestController, Req } from 'rest-app';
 import { AuthHandler } from '../../api/interfaces/auth-handler';
 import { AuthService } from '../../api/services/auth-service';
 import { AuthorizationException } from '../../core/exceptions/authorization-exception';
+import { Id } from '../../core/key-transforms';
 import { JwtPayload } from '../../core/ticket/base-jwt';
 import { Token } from '../../core/ticket/token';
 import { AuthServiceResponse } from '../../util/helper/definitions';
@@ -53,4 +54,10 @@ export class PrivateController {
             throw new AuthorizationException('You are not authorized');
         }
     }
+
+    @OnPost('clear-sessions-by-user-id')
+    public async clearSessionsByUserId(@Body('userId') userId: Id): Promise<AuthServiceResponse> {
+        await this._authHandler.clearAllSessions(userId);
+        return createResponse();
+    }
 }
diff --git a/auth/test/clear-sessions-by-user-id.spec.ts b/auth/test/clear-sessions-by-user-id.spec.ts
@@ -0,0 +1,27 @@
+import { Utils } from './utils';
+import { TestContainer } from './test-container';
+
+let container: TestContainer;
+
+beforeAll(async () => {
+    container = new TestContainer();
+    await container.ready();
+});
+
+afterEach(async () => {
+    container.user.reset();
+    await container.redis.flushdb();
+});
+
+afterAll(async () => {
+    await container.end();
+});
+
+test('POST clear-sessions-by-user-id', async () => {
+    await container.request.login();
+    await container.http.post('clear-sessions-by-user-id', {
+        data: { userId: 1 }, 
+        internal: true
+    });
+    await container.request.sendRequestAndValidateForbiddenRequest(container.request.authenticate());
+});