SessionController.php

1. <?php
2.  
3. namespace App\Http\Controllers\Auth;
4.  
5. use Illuminate\Support\Facades\DB;
6. use App\Http\Controllers\Controller;
7. use Illuminate\Http\Request;
8. use Illuminate\Support\Facades\Auth;
9. use Illuminate\Support\Facades\Date;
10. use MongoDB\BSON\ObjectId;
11.  
12. class SessionController extends Controller
13. {
14.     /**
15.      * List all sessions for the authenticated user.
16.      */
17.     public function index(Request $request)
18.     {
19.         $userId = (string) Auth::id();
20.  
21.         $collection = DB::connection('mongodb')->getMongoClient()
22.             ->selectDatabase(config('database.connections.mongodb.database'))
23.             ->selectCollection('sessions');
24.  
25.         // Find sessions by user_id and sort by last_activity desc
26.         $cursor = $collection->find(
27.             ['user_id' => $userId],
28.             ['sort' => ['last_activity' => -1]]
29.         );
30.  
31.         $sessions = [];
32.         foreach ($cursor as $session) {
33.             $sessions[] = [
34.                 'id' => (string) $session->_id,
35.                 'ip_address' => $session->ip_address ?? null,
36.                 'user_agent' => $session->user_agent ?? null,
37.                 'last_activity' => isset($session->last_activity)
38.                     ? Date::createFromTimestamp($session->last_activity)->toDateTimeString()
39.                     : null,
40.                 'expires_at' => isset($session->expires_at)
41.                     ? Date::parse($session->expires_at)->toDateTimeString()
42.                     : null,
43.             ];
44.         }
45.  
46.         return response()->json($sessions);
47.     }
48.  
49.     /**
50.      * Revoke a session by ID.
51.      */
52.     public function destroy(Request $request, string $id)
53.     {
54.         $userId = (string) Auth::id();
55.  
56.         $collection = DB::connection('mongodb')->getMongoClient()
57.             ->selectDatabase(config('database.connections.mongodb.database'))
58.             ->selectCollection('sessions');
59.  
60.         // Convert string id to ObjectId
61.         //try {
62.         //    $objectId = new ObjectId($id);
63.         //} catch (\Exception $e) {
64.         //    return response()->json(['message' => 'Invalid session ID.'], 400);
65.         //}
66.  
67.         // Find session by _id
68.         //$session = $collection->findOne(['_id' => $objectId]);
69.         $session = $collection->findOne(['_id' => $id]);
70.  
71.         if (!$session || ($session->user_id ?? null) !== $userId) {
72.             return response()->json(['message' => 'Session not found or unauthorized.'], 404);
73.         }
74.  
75.         // Delete the session
76.         //$result = $collection->deleteOne(['_id' => $objectId]);
77.         $result = $collection->deleteOne(['_id' => $id]);
78.  
79.         if ($result->getDeletedCount() === 1) {
80.             return response()->json(['message' => 'Session revoked successfully.']);
81.         } else {
82.             return response()->json(['message' => 'Failed to revoke session.'], 500);
83.         }
84.     }
85. }
86.