1
0
Files
breadcrumb-the-shire/pages/admin/settings/expire-remember-tokens().php
fs 69739c90d7 refactor(settings): split admin/settings into hub + per-section subpages
Splits the 755-line monolithic settings page into a tile-based landing hub
and six focused subpages (general, security, email, api, sso, branding),
each with its own form, CSRF scope and POST handler. Each subpage offers
Save / Save & close buttons plus a Cancel/back link to the hub.

Backend (AdminSettingsService, gateways, policies, DB schema) unchanged.
A new settingsSectionMergePost() helper overlays section POSTs onto the
current DB values so partial saves don't wipe unrelated fields (the
service defaults missing keys to 0/empty).

Sub-action files (logo/favicon/tokens/lifecycle) redirect to the matching
subpage, and architecture contracts now check the subpage files instead
of the removed monolithic index.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 22:43:12 +02:00

33 lines
1.1 KiB
PHP

<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$currentUserId = (int) ($session['user']['id'] ?? 0);
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_TOKENS_REVOKE, [
'actor_user_id' => $currentUserId,
]);
if (!$decision->isAllowed()) {
Guard::deny();
}
if (!actionRequirePost('admin/settings/security')) {
return;
}
if (!actionRequireCsrf('admin/settings/security', 'admin/settings/security', 'settings_tokens_expire')) {
return;
}
$rememberMeService = app(\MintyPHP\Service\Auth\RememberMeService::class);
$count = $rememberMeService->expireAllTokensByAdmin();
Flash::success(sprintf(t('%d login tokens expired'), $count), 'admin/settings/security', 'login_tokens_expired');
Router::redirect('admin/settings/security');