diff --git a/thehive/app/org/thp/thehive/controllers/v0/Router.scala b/thehive/app/org/thp/thehive/controllers/v0/Router.scala
index 1aa7c9da7a..957d6e9831 100644
--- a/thehive/app/org/thp/thehive/controllers/v0/Router.scala
+++ b/thehive/app/org/thp/thehive/controllers/v0/Router.scala
@@ -39,10 +39,11 @@ class Router @Inject() (
 case POST(p"/_stats") => statsCtrl.stats
- case GET(p"/status") => statusCtrl.get
- case GET(p"/health") => statusCtrl.health
- case GET(p"/logout") => authenticationCtrl.logout
- case POST(p"/login") => authenticationCtrl.login
+ case GET(p"/status") => statusCtrl.get
+ case GET(p"/health") => statusCtrl.health
+ case GET(p"/logout") => authenticationCtrl.logout
+ case POST(p"/logout") => authenticationCtrl.logout
+ case POST(p"/login") => authenticationCtrl.login
 // case POST(p"/ssoLogin") => authenticationCtrl.ssoLogin
 case DELETE(p"/case/shares") => shareCtrl.removeShares()
diff --git a/thehive/app/org/thp/thehive/controllers/v1/AuditCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/AuditCtrl.scala
index b7441a3eac..5dcaabf6f5 100644
--- a/thehive/app/org/thp/thehive/controllers/v1/AuditCtrl.scala
+++ b/thehive/app/org/thp/thehive/controllers/v1/AuditCtrl.scala
@@ -41,7 +41,7 @@ class AuditCtrl @Inject() (
 )
 override val outputQuery: Query = Query.output[RichAudit, AuditSteps](_.richAudit)
- def flow(): Action[AnyContent] =
+ def flow: Action[AnyContent] =
 entrypoint("audit flow")
 .authRoTransaction(db) { implicit request => implicit graph =>
 val audits = auditSrv
diff --git a/thehive/app/org/thp/thehive/controllers/v1/AuthenticationCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/AuthenticationCtrl.scala
index 4549b499b3..3e2306e110 100644
--- a/thehive/app/org/thp/thehive/controllers/v1/AuthenticationCtrl.scala
+++ b/thehive/app/org/thp/thehive/controllers/v1/AuthenticationCtrl.scala
@@ -48,6 +48,10 @@ class AuthenticationCtrl @Inject() (
 } yield authSrv.setSessionUser(authContext)(Results.Ok(user.toJson))
 }
+ def logout: Action[AnyContent] = entrypoint("logout") { _ =>
+ Success(Results.Ok.withNewSession)
+ }
+
 def withTotpAuthSrv[A](body: TOTPAuthSrv => Try[A]): Try[A] =
 authSrv match {
 case totpAuthSrv: TOTPAuthSrv if totpAuthSrv.enabled => body(totpAuthSrv)
diff --git a/thehive/app/org/thp/thehive/controllers/v1/Router.scala b/thehive/app/org/thp/thehive/controllers/v1/Router.scala
index 984871bf24..3549028b14 100644
--- a/thehive/app/org/thp/thehive/controllers/v1/Router.scala
+++ b/thehive/app/org/thp/thehive/controllers/v1/Router.scala
@@ -24,7 +24,9 @@ class Router @Inject() (
 case GET(p"/status") => statusCtrl.get
 // GET /health controllers.StatusCtrl.health
 // GET /logout controllers.AuthenticationCtrl.logout()
- case POST(p"/login") => authenticationCtrl.login()
+ case GET(p"/logout") => authenticationCtrl.logout
+ case POST(p"/logout") => authenticationCtrl.logout
+ case POST(p"/login") => authenticationCtrl.login
 case POST(p"/auth/totp/set") => authenticationCtrl.totpSetSecret
 case POST(p"/auth/totp/unset") => authenticationCtrl.totpUnsetSecret(None)
 case POST(p"/auth/totp/unset/$user") => authenticationCtrl.totpUnsetSecret(Some(user))
@@ -89,7 +91,7 @@ class Router @Inject() (
 // DELETE /alert/:alertId controllers.AlertCtrl.delete(alertId)
 // POST /alert/:alertId/merge/:caseId controllers.AlertCtrl.mergeWithCase(alertId, caseId)
- case GET(p"/audit") => auditCtrl.flow()
+ case GET(p"/audit") => auditCtrl.flow
 // GET /flow controllers.AuditCtrl.flow(rootId: Option[String], count: Option[Int])
 // GET /audit controllers.AuditCtrl.find()
 // POST /audit/_search controllers.AuditCtrl.find()
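Review bot: The new `logout` in AuthenticationCtrl only replaces the cookie through `Results.Ok.withNewSession`, and nothing in the hunk tells `authSrv` that the session has ended. If the session lives solely in the signed cookie (Play's default; the `authSrv` side is not visible here), a retained copy of the old cookie would presumably stay usable until its own expiry. That limit should be stated on the method, for example `/** Clears the client session cookie only; a previously issued cookie is not revoked server-side and relies on session expiry. */`. The handler also discards the request (`_ =>`), so it is worth confirming whether a logout should leave an audit entry the way other entrypoints do.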
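Review bot: `case GET(p"/logout") => authenticationCtrl.logout` is newly exposed by the first v1 Router hunk, so a state-changing action becomes reachable by a plain cross-site GET that can end a user's session without their intent; the v0 Router hunk keeps its existing GET route as well. If GET is needed only for older clients, say so in a comment above the route and plan its removal, otherwise keep just `case POST(p"/logout") => authenticationCtrl.logout`. The context comment `// GET /logout controllers.AuthenticationCtrl.logout()` is now stale next to the live route and could be dropped. The router's partial function starts and continues outside the hunk.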