Update app.py
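--- a/app.py
+++ b/app.py
@@ -55,47 +55,6 @@ workos.client_id = os.environ.get('WORKOS_CLIENT_ID', 'placeholder_id')
 
 workos_client = WorkOSClient(api_key=workos.api_key, client_id=workos.client_id)
 
-@app.route('/auth/verify-session', methods=['POST'])
-def verify_session():
-"""
-Enforces single-session policy.
-Expects JSON: { "userId": "user_...", "currentSessionId": "session_..." }
-"""
-data = request.json
-user_id = data.get('userId')
-current_session_id = data.get('currentSessionId')
-
-if not user_id or not current_session_id:
-return jsonify({'error': 'Missing userId or currentSessionId'}), 400
-
-try:
-# 1. List all active sessions for the user
-sessions_list = workos_client.user_management.list_sessions(
-user_id=user_id,
-)
-
-active_sessions = sessions_list.data
-revoked_count = 0
-
-# 2. Iterate and revoke any session that is NOT the current one
-for session in active_sessions:
-if session.id != current_session_id:
-# Revoke this old/extra session
-workos_client.user_management.revoke_session(session.id)
-revoked_count += 1
-
-return jsonify({
-'status': 'success',
-'revoked_count': revoked_count,
-'message': f'Session verified. {revoked_count} other sessions revoked.'
-})
-
-except Exception as e:
-print(f"WorkOS Error: {e}")
-# If API key is invalid or not set, this will error.
-# We return 500 but frontend should handle it (maybe allow login if strict mode is off)
-return jsonify({'error': str(e)}), 500
-
 
 @app.route('/auth/logout-everywhere', methods=['POST'])
 def logout_everywhere():
@@ -115,12 +74,10 @@ def logout_everywhere():
 
 # Revoke all
 for session in sessions_list.data:
-workos_client.user_management.revoke_session(session.id)
+workos_client.user_management.revoke_session(session_id=session.id)
 
 return jsonify({'status': 'success', 'message': 'All sessions revoked.'})
 
 except Exception as e:
 print(f"WorkOS Error: {e}")
-return jsonify({'error': str(e)}), 500
-
-app.run(host="0.0.0.0", port="7860", debug="true")
+return jsonify({'error': str(e)}), 500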
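Review bot: The error path at new line 83 still returns `str(e)` to the caller, so whatever the WorkOS SDK puts in its exception text is disclosed to any client that can reach `/auth/logout-everywhere`. Return a fixed message instead, e.g. `return jsonify({'error': 'Failed to revoke sessions'}), 500`, and keep the detail server-side with `app.logger.exception('WorkOS session revocation failed')` in place of the `print`. The revoke loop over `sessions_list.data` sits inside that single `try`, so one failed `revoke_session` call aborts the rest and leaves the remaining sessions active behind a 500; if `list_sessions` is paginated, `.data` may also hold only the first page, which is worth confirming for an endpoint that promises to revoke everything. How `logout_everywhere` obtains and authenticates the user is outside the hunk (new lines 61–73), so check that the user id comes from a verified session and not from the request body, as it did in the removed `verify_session`.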