🐛 Add missing logout device

2025-08-15 03:00:13 +08:00
parent 651c06caac
commit a9aab6b7e5
2 changed files with 44 additions and 2 deletions
--- a/DysonNetwork.Pass/Account/AccountCurrentController.cs
+++ b/DysonNetwork.Pass/Account/AccountCurrentController.cs
@@ -509,6 +509,23 @@ public class AccountCurrentController(
        }
    }

+    [HttpDelete("devices/{deviceId}")]
+    [Authorize]
+    public async Task<ActionResult<AuthSession>> DeleteDevice(string deviceId)
+    {
+        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+
+        try
+        {
+            await accounts.DeleteDevice(currentUser, deviceId);
+            return NoContent();
+        }
+        catch (Exception ex)
+        {
+            return BadRequest(ex.Message);
+        }
+    }
+
    [HttpDelete("sessions/current")]
    [Authorize]
    public async Task<ActionResult<AuthSession>> DeleteCurrentSession()
@@ -738,4 +755,4 @@ public class AccountCurrentController(
            return BadRequest(ex.Message);
        }
    }
-}
+}
--- a/DysonNetwork.Pass/Account/AccountService.cs
+++ b/DysonNetwork.Pass/Account/AccountService.cs
@@ -492,7 +492,7 @@ public class AccountService(
        {
            if (!await IsDeviceActive(session.Challenge.ClientId.Value))
                await pusher.UnsubscribePushNotificationsAsync(new UnsubscribePushNotificationsRequest()
-                    { DeviceId = session.Challenge.Client!.DeviceId }
+                { DeviceId = session.Challenge.Client!.DeviceId }
                );
        }

@@ -506,6 +506,31 @@ public class AccountService(
            await cache.RemoveAsync($"{DysonTokenAuthHandler.AuthCachePrefix}{item.Id}");
    }

+    public async Task DeleteDevice(Account account, string deviceId)
+    {
+        var device = await db.AuthClients.FirstOrDefaultAsync(c => c.DeviceId == deviceId && c.AccountId == account.Id);
+        if (device is null)
+            throw new InvalidOperationException("Device not found.");
+
+        await pusher.UnsubscribePushNotificationsAsync(
+            new UnsubscribePushNotificationsRequest() { DeviceId = device.DeviceId }
+        );
+
+        var sessions = await db.AuthSessions
+            .Include(s => s.Challenge)
+            .Where(s => s.Challenge.ClientId == device.Id)
+            .ToListAsync();
+
+        // The current session should be included in the sessions' list
+        await db.AuthSessions
+            .Include(s => s.Challenge)
+            .Where(s => s.Challenge.DeviceId == device.DeviceId)
+            .ExecuteDeleteAsync();
+
+        foreach (var item in sessions)
+            await cache.RemoveAsync($"{DysonTokenAuthHandler.AuthCachePrefix}{item.Id}");
+    }
+
    public async Task<AccountContact> CreateContactMethod(Account account, AccountContactType type, string content)
    {
        var isExists = await db.AccountContacts