feat(user/edit): clear_remember_token

web/app/controllers/user_info_edit.php

@@ -398,6 +398,24 @@ EOD);
 
 		dieWithAlert('密码修改成功！');
 	}
+
+	if (isSuperUser(Auth::user())) {
+		$clear_remember_token_form = new UOJForm('clear_remember_token');
+		$clear_remember_token_form->handle = function () use ($user) {
+			DB::update([
+				"update user_info",
+				"set", [
+					"remember_token" => "",
+				],
+				"where", ["username" => $user['username']]
+			]);
+		};
+		$clear_remember_token_form->config['submit_container']['class'] = 'text-end';
+		$clear_remember_token_form->config['submit_button']['class'] = 'btn btn-sm btn-danger';
+		$clear_remember_token_form->config['submit_button']['text'] = '清除 remember_token（强制下线）';
+		$clear_remember_token_form->config['confirm']['smart'] = true;
+		$clear_remember_token_form->runAtServer();
+	}
 } elseif ($cur_tab == 'privilege') {
 	$users_default_permissions = UOJContext::getMeta('users_default_permissions');
 	$type_text = UOJLocale::get('user::normal user');
@@ -845,6 +863,12 @@ $pageTitle = $user['username'] == Auth::id()
 							<button type="submit" id="button-submit-change_password" name="submit-change_password" value="change_password" class="mt-3 btn btn-secondary">更新</button>
 						</div>
 					</form>
+
+					<?php if (isset($clear_remember_token_form)) : ?>
+						<hr />
+
+						<?php $clear_remember_token_form->printHTML() ?>
+					<?php endif ?>
 				</div>
 			</div>
 			<script>

web/app/models/Auth.php

@@ -33,36 +33,34 @@ class Auth {
 		return $myUser[$name];
 	}
 
-	public static function login($username, $remember = true) {
+	public static function login($username) {
 		if (!validateUsername($username)) {
 			return;
 		}
 
 		$_SESSION['username'] = $username;
 
-		if ($remember) {
-			$remember_token = DB::selectSingle([
-				"select remember_token from user_info",
+		$remember_token = DB::selectSingle([
+			"select remember_token from user_info",
+			"where", ["username" => $username]
+		]);
+
+		if ($remember_token == '') {
+			$remember_token = uojRandString(60);
+			DB::update([
+				"update user_info",
+				"set", ["remember_token" => $remember_token],
 				"where", ["username" => $username]
 			]);
-
-			if ($remember_token == '') {
-				$remember_token = uojRandString(60);
-				DB::update([
-					"update user_info",
-					"set", ["remember_token" => $remember_token],
-					"where", ["username" => $username]
-				]);
-			}
-
-			$_SESSION['last_login'] = time();
-			$_SESSION['remember_token'] = $remember_token;
-
-			$expire = time() + 60 * 60 * 24 * 7;
-			Cookie::safeSet('uoj_username', $username, $expire, '/', array('httponly' => true));
-			Cookie::safeSet('uoj_remember_token', $remember_token, $expire, '/', array('httponly' => true));
 		}
 
+		$_SESSION['last_login'] = time();
+		$_SESSION['remember_token'] = $remember_token;
+
+		$expire = time() + 60 * 60 * 24 * 7;
+		Cookie::safeSet('uoj_username', $username, $expire, '/', array('httponly' => true));
+		Cookie::safeSet('uoj_remember_token', $remember_token, $expire, '/', array('httponly' => true));
+
 		DB::update([
 			"update user_info",
 			"set", ["last_login_time" => UOJTime::$time_now_str],
@@ -75,7 +73,7 @@ class Auth {
 	public static function logout() {
 		session_unset();
 
-		Cookie::safeUnset(session_name(), '/');
+		Cookie::unsetVar(session_name(), '/');
 		Cookie::safeUnset('uoj_username', '/');
 		Cookie::safeUnset('uoj_remember_token', '/');