1 files changed, 53 insertions, 0 deletions

diff --git a/api4/user.go b/api4/user.go
index e394b9661..5337cedf0 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -34,6 +34,9 @@ func InitUser() {
 	BaseRoutes.UserByUsername.Handle("", ApiSessionRequired(getUserByUsername)).Methods("GET")
 	BaseRoutes.UserByEmail.Handle("", ApiSessionRequired(getUserByEmail)).Methods("GET")
 
+	BaseRoutes.User.Handle("/sessions", ApiSessionRequired(getSessions)).Methods("GET")
+	BaseRoutes.User.Handle("/sessions/revoke", ApiSessionRequired(revokeSession)).Methods("POST")
+
 }
 
 func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -476,3 +479,53 @@ func Logout(c *Context, w http.ResponseWriter, r *http.Request) {
 
 	ReturnStatusOK(w)
 }
+
+func getSessions(c *Context, w http.ResponseWriter, r *http.Request) {
+    c.RequireUserId()
+    if c.Err != nil {
+        return
+    }
+
+    if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+        c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+        return
+    }
+
+    if sessions, err := app.GetSessions(c.Params.UserId); err != nil {
+        c.Err = err
+        return
+    } else {
+        for _, session := range sessions {
+            session.Sanitize()
+        }
+
+        w.Write([]byte(model.SessionsToJson(sessions)))
+        return
+    }
+}
+
+func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) {
+    c.RequireUserId()
+    if c.Err != nil {
+        return
+    }
+
+    if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+        c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+        return
+    }
+
+    props := model.MapFromJson(r.Body)
+    sessionId := props["session_id"]
+
+    if sessionId == "" {
+        c.SetInvalidParam("session_id")
+    }
+
+    if err := app.RevokeSessionById(sessionId); err != nil {
+        c.Err = err
+        return
+    }
+
+    ReturnStatusOK(w)
+}
\ No newline at end of file