Add active session management

app/Http/Controllers/Base/IndexController.php

@@ -29,7 +29,7 @@ use Hash;
 use Google2FA;
 use Alert;
 
-use Pterodactyl\Models\Server;
+use Pterodactyl\Models;
 use Pterodactyl\Exceptions\DisplayException;
 
 use Pterodactyl\Http\Controllers\Controller;
@@ -55,7 +55,7 @@ class IndexController extends Controller
     public function getIndex(Request $request)
     {
         return view('base.index', [
-            'servers' => Server::getUserServers(10),
+            'servers' => Models\Server::getUserServers(10),
         ]);
     }
 
@@ -72,14 +72,16 @@ class IndexController extends Controller
     }
 
     /**
-     * Returns TOTP Management Page.
+     * Returns Security Management Page.
      *
      * @param  \Illuminate\Http\Request $request
      * @return \Illuminate\Contracts\View\View
      */
-    public function getAccountTotp(Request $request)
+    public function getAccountSecurity(Request $request)
     {
-        return view('base.totp');
+        return view('base.security', [
+            'sessions' => Models\Session::where('user_id', Auth::user()->id)->get()
+        ]);
     }
 
     /**
@@ -227,4 +229,11 @@ class IndexController extends Controller
 
     }
 
+    public function getRevokeSession(Request $request, $id)
+    {
+        $session = Models\Session::where('id', $id)->where('user_id', Auth::user()->id)->firstOrFail();
+        $session->delete();
+        return redirect()->route('account.security');
+    }
+
 }

app/Http/Routes/BaseRoutes.php

@@ -71,15 +71,19 @@ class BaseRoutes {
 
         // TOTP Routes
         $router->group([
-            'prefix' => 'account/totp',
+            'prefix' => 'account/security',
             'middleware' => [
                 'auth',
                 'csrf'
             ]
         ], function () use ($router) {
             $router->get('/', [
-                'as' => 'account.totp',
-                'uses' => 'Base\IndexController@getAccountTotp'
+                'as' => 'account.security',
+                'uses' => 'Base\IndexController@getAccountSecurity'
+            ]);
+            $router->get('/revoke/{id}', [
+                'as' => 'account.security.revoke',
+                'uses' => 'Base\IndexController@getRevokeSession'
             ]);
             $router->put('/', [
                 'uses' => 'Base\IndexController@putAccountTotp'

app/Models/Session.php

@@ -0,0 +1,48 @@
+<?php
+/**
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+namespace Pterodactyl\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class Session extends Model
+{
+
+    /**
+     * The table associated with the model.
+     *
+     * @var string
+     */
+    protected $table = 'sessions';
+
+    /**
+     * Cast values to correct type.
+     *
+     * @var array
+     */
+     protected $casts = [
+         'id' => 'string',
+         'user_id' => 'integer',
+     ];
+
+}