package com.honvay.cola.auth.web.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;

import java.security.Principal;
import java.util.List;

/**
 * @author LIQIU
 * created on 2018-11-24
 **/
@Controller
@RequestMapping("/session")
public class SessionController {

	@Autowired
	private SessionRegistry sessionRegistry;

	@PostMapping("/revoke")
	public ResponseEntity<String> revoke(Principal principal) {
		sessionRegistry.getAllPrincipals();
		List<SessionInformation> sessionInformations = sessionRegistry
				.getAllSessions(principal, false);
		for (SessionInformation sessionInformation : sessionInformations) {
			sessionInformation.expireNow();

			sessionRegistry.removeSessionInformation(sessionInformation
					.getSessionId());

		}
		return ResponseEntity.ok().build();
	}

}