#1410 Add logout API

TheHive-Project · Jul 17, 2020 · 86ee6dd · 86ee6dd
1 parent d9a6838
commit 86ee6dd
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 7 deletions.
diff --git a/thehive/app/org/thp/thehive/controllers/v0/Router.scala b/thehive/app/org/thp/thehive/controllers/v0/Router.scala
@@ -39,10 +39,11 @@ class Router @Inject() (
 
     case POST(p"/_stats") => statsCtrl.stats
 
-    case GET(p"/status") => statusCtrl.get
-    case GET(p"/health") => statusCtrl.health
-    case GET(p"/logout") => authenticationCtrl.logout
-    case POST(p"/login") => authenticationCtrl.login
+    case GET(p"/status")  => statusCtrl.get
+    case GET(p"/health")  => statusCtrl.health
+    case GET(p"/logout")  => authenticationCtrl.logout
+    case POST(p"/logout") => authenticationCtrl.logout
+    case POST(p"/login")  => authenticationCtrl.login
 //    case POST(p"/ssoLogin") => authenticationCtrl.ssoLogin
 
     case DELETE(p"/case/shares")                               => shareCtrl.removeShares()

diff --git a/thehive/app/org/thp/thehive/controllers/v1/AuditCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/AuditCtrl.scala
@@ -41,7 +41,7 @@ class AuditCtrl @Inject() (
     )
   override val outputQuery: Query = Query.output[RichAudit, AuditSteps](_.richAudit)
 
-  def flow(): Action[AnyContent] =
+  def flow: Action[AnyContent] =
     entrypoint("audit flow")
       .authRoTransaction(db) { implicit request => implicit graph =>
         val audits = auditSrv

diff --git a/thehive/app/org/thp/thehive/controllers/v1/AuthenticationCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/AuthenticationCtrl.scala
@@ -48,6 +48,10 @@ class AuthenticationCtrl @Inject() (
         } yield authSrv.setSessionUser(authContext)(Results.Ok(user.toJson))
       }
 
+  def logout: Action[AnyContent] = entrypoint("logout") { _ =>
+    Success(Results.Ok.withNewSession)
+  }
+
   def withTotpAuthSrv[A](body: TOTPAuthSrv => Try[A]): Try[A] =
     authSrv match {
       case totpAuthSrv: TOTPAuthSrv if totpAuthSrv.enabled => body(totpAuthSrv)

diff --git a/thehive/app/org/thp/thehive/controllers/v1/Router.scala b/thehive/app/org/thp/thehive/controllers/v1/Router.scala
@@ -24,7 +24,9 @@ class Router @Inject() (
     case GET(p"/status") => statusCtrl.get
 //    GET  /health                              controllers.StatusCtrl.health
 //    GET      /logout                              controllers.AuthenticationCtrl.logout()
-    case POST(p"/login")                 => authenticationCtrl.login()
+    case GET(p"/logout")                 => authenticationCtrl.logout
+    case POST(p"/logout")                => authenticationCtrl.logout
+    case POST(p"/login")                 => authenticationCtrl.login
     case POST(p"/auth/totp/set")         => authenticationCtrl.totpSetSecret
     case POST(p"/auth/totp/unset")       => authenticationCtrl.totpUnsetSecret(None)
     case POST(p"/auth/totp/unset/$user") => authenticationCtrl.totpUnsetSecret(Some(user))
@@ -89,7 +91,7 @@ class Router @Inject() (
 //    DELETE   /alert/:alertId                      controllers.AlertCtrl.delete(alertId)
 //    POST     /alert/:alertId/merge/:caseId        controllers.AlertCtrl.mergeWithCase(alertId, caseId)
 
-    case GET(p"/audit") => auditCtrl.flow()
+    case GET(p"/audit") => auditCtrl.flow
 //      GET      /flow                                controllers.AuditCtrl.flow(rootId: Option[String], count: Option[Int])
 //    GET      /audit                               controllers.AuditCtrl.find()
 //    POST     /audit/_search                       controllers.AuditCtrl.find()