From 079565460c6fc69c646297cfc664d6a16d1ada63 Mon Sep 17 00:00:00 2001
From: Alex <alex@roese.dev>
Date: Fri, 9 Jul 2021 17:44:58 +0200
Subject: [PATCH] Added func DeleteSession

---
 routers/api/v1/user/session.go | 29 ++++++++++++++++++++++++-----
 1 file changed, 24 insertions(+), 5 deletions(-)

diff --git a/routers/api/v1/user/session.go b/routers/api/v1/user/session.go
index d651e3b..52050d8 100644
--- a/routers/api/v1/user/session.go
+++ b/routers/api/v1/user/session.go
@@ -1,7 +1,6 @@
 package user
 
 import (
-	"database/sql"
 	"time"
 
 	"git.umbach.dev/app-idea/rest-api/modules/database"
@@ -16,7 +15,7 @@ func isSessionIdValid(sessionId string) bool {
 	deleteExpiredSessions(database.DB)
 
 	var res string
-	var db = database.DB
+	db := database.DB
 
 	db.Raw("SELECT session_id FROM sessions WHERE session_id = ?", sessionId).Scan(&res)
 
@@ -27,12 +26,32 @@ func isSessionIdValid(sessionId string) bool {
 	}
 }
 
-func deleteSession(db *sql.DB, sessionId string) {
-	_, err := db.Exec("DELETE FROM sessions WHERE session_id = ?", sessionId)
+func DeleteSession(c *fiber.Ctx) error {
+	// swagger:operation POST /sessions/{id} Sessions sessions
+	// ---
+	// summary: Delete a user sessions
+	// responses:
+	//   '200':
+	//     description: User informations
+	//   '400':
+	//     description: Session id invalid
+
+	db := database.DB
+
+	userId, err := getUserIdBySessionId(c.Cookies("session_id"))
 
 	if err != nil {
-		log.Warnln("err deleting session:", err)
+		return c.SendStatus(fiber.StatusInternalServerError)
 	}
+
+	res := db.Where("user_id = ? AND session_id = ?", userId, c.Cookies("session_id")).Delete(&structs.Session{})
+
+	// session isn't in list
+	if res.RowsAffected == 0 {
+		return c.SendStatus(fiber.StatusBadRequest)
+	}
+
+	return c.SendStatus(fiber.StatusOK)
 }
 
 func deleteExpiredSessions(db *gorm.DB) {