Add ability to list and revoke token sessions

2025-10-05 02:39:33 +02:00 · 2025-07-30 11:33:07 +02:00 · 2025-07-30 11:33:07 +02:00 · 57caf25611
commit 57caf25611
parent a53ed039b8
40 changed files with 1158 additions and 138 deletions
--- a/packages/server-commands/src/users/login-command.ts
+++ b/packages/server-commands/src/users/login-command.ts
@ -1,4 +1,5 @@
-import { HttpStatusCode, PeerTubeProblemDocument } from '@peertube/peertube-models'
+import { pick } from '@peertube/peertube-core-utils'
+import { HttpStatusCode, PeerTubeProblemDocument, ResultList, TokenSession } from '@peertube/peertube-models'
 import { unwrapBody } from '../requests/index.js'
 import { AbstractCommand, OverrideCommandOptions } from '../shared/index.js'

@ -6,10 +7,12 @@ type LoginOptions = OverrideCommandOptions & {
  client?: { id?: string, secret?: string }
  user?: { username: string, password?: string }
  otpToken?: string
+
+  userAgent?: string
+  xForwardedFor?: string
 }

 export class LoginCommand extends AbstractCommand {
-
  async login (options: LoginOptions = {}) {
    const res = await this._login(options)

@ -43,10 +46,12 @@ export class LoginCommand extends AbstractCommand {
    }
  }

-  loginUsingExternalToken (options: OverrideCommandOptions & {
-    username: string
-    externalAuthToken: string
-  }) {
+  loginUsingExternalToken (
+    options: OverrideCommandOptions & {
+      username: string
+      externalAuthToken: string
+    }
+  ) {
    const { username, externalAuthToken } = options
    const path = '/api/v1/users/token'

@ -71,9 +76,11 @@ export class LoginCommand extends AbstractCommand {
    })
  }

-  logout (options: OverrideCommandOptions & {
-    token: string
-  }) {
+  logout (
+    options: OverrideCommandOptions & {
+      token: string
+    }
+  ) {
    const path = '/api/v1/users/revoke-token'

    return unwrapBody<{ redirectUrl: string }>(this.postBodyRequest({
@ -86,9 +93,13 @@ export class LoginCommand extends AbstractCommand {
    }))
  }

-  refreshToken (options: OverrideCommandOptions & {
-    refreshToken: string
-  }) {
+  refreshToken (
+    options: OverrideCommandOptions & {
+      refreshToken: string
+      userAgent?: string
+      xForwardedFor?: string
+    }
+  ) {
    const path = '/api/v1/users/token'

    const body = {
@ -99,11 +110,17 @@ export class LoginCommand extends AbstractCommand {
      grant_type: 'refresh_token'
    }

+    const headers = options.userAgent
+      ? { 'user-agent': options.userAgent }
+      : {}
+
    return this.postBodyRequest({
      ...options,

      path,
      requestType: 'form',
+      headers,
+      xForwardedFor: options.xForwardedFor,
      fields: body,
      implicitToken: false,
      defaultExpectedStatus: HttpStatusCode.OK_200
@ -137,9 +154,9 @@ export class LoginCommand extends AbstractCommand {
      scope: 'upload'
    }

-    const headers = otpToken
-      ? { 'x-peertube-otp': otpToken }
-      : {}
+    const headers: Record<string, string> = {}
+    if (otpToken) headers['x-peertube-otp'] = otpToken
+    if (options.userAgent) headers['user-agent'] = options.userAgent

    return this.postBodyRequest({
      ...options,
@ -147,6 +164,7 @@ export class LoginCommand extends AbstractCommand {
      path,
      headers,
      requestType: 'form',
+      xForwardedFor: options.xForwardedFor,
      fields: body,
      implicitToken: false,
      defaultExpectedStatus: HttpStatusCode.OK_200
@ -156,4 +174,43 @@ export class LoginCommand extends AbstractCommand {
  private unwrapLoginBody (body: any) {
    return body as { access_token: string, refresh_token: string } & PeerTubeProblemDocument
  }
+
+  // ---------------------------------------------------------------------------
+
+  listSessions (
+    options: OverrideCommandOptions & {
+      sort?: string
+      start?: number
+      count?: number
+      userId: number
+    }
+  ) {
+    const path = `/api/v1/users/${options.userId}/token-sessions`
+
+    return this.getRequestBody<ResultList<TokenSession>>({
+      ...options,
+
+      path,
+      query: pick(options, [ 'sort', 'start', 'count' ]),
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.OK_200
+    })
+  }
+
+  revokeSession (
+    options: OverrideCommandOptions & {
+      userId: number
+      sessionId: number
+    }
+  ) {
+    const path = `/api/v1/users/${options.userId}/token-sessions/${options.sessionId}/revoke`
+
+    return this.postBodyRequest({
+      ...options,
+
+      path,
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.OK_200
+    })
+  }
 }
--- a/packages/server-commands/src/users/users-command.ts
+++ b/packages/server-commands/src/users/users-command.ts
@ -232,13 +232,22 @@ export class UsersCommand extends AbstractCommand {

  // ---------------------------------------------------------------------------

-  getMyInfo (options: OverrideCommandOptions = {}) {
+  getMyInfo (options: OverrideCommandOptions & {
+    userAgent?: string
+    xForwardedFor?: string
+  } = {}) {
    const path = '/api/v1/users/me'

+    const headers = options.userAgent
+      ? { 'user-agent': options.userAgent }
+      : {}
+
    return this.getRequestBody<MyUser>({
      ...options,

      path,
+      headers,
+      xForwardedFor: options.xForwardedFor,
      implicitToken: true,
      defaultExpectedStatus: HttpStatusCode.OK_200
    })