summaryrefslogtreecommitdiff
path: root/server/controllers/sessions.controller.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/controllers/sessions.controller.ts')
-rw-r--r--server/controllers/sessions.controller.ts6
1 files changed, 5 insertions, 1 deletions
diff --git a/server/controllers/sessions.controller.ts b/server/controllers/sessions.controller.ts
index e1d1155..8a85a12 100644
--- a/server/controllers/sessions.controller.ts
+++ b/server/controllers/sessions.controller.ts
@@ -8,6 +8,8 @@ import { RefreshToken } from 'server/entities/refresh_token.entity';
import { Skip } from 'server/decorators/skip.decorator';
import { AuthGuard } from 'server/providers/guards/auth.guard';
import { RolesService } from 'server/providers/services/roles.service';
+import { JwtBody } from 'server/decorators/jwt_body.decorator';
+import { JwtBodyDto } from 'server/dto/jwt_body.dto';
// this is kind of a misnomer because we are doing token based auth
// instead of session based auth
@@ -53,7 +55,9 @@ export class SessionsController {
}
@Delete('/sessions')
- async destroy(@Res({ passthrough: true }) res: Response) {
+ async destroy(@Res({ passthrough: true }) res: Response, @JwtBody() jwtBody: JwtBodyDto) {
+ const user = await this.usersService.find(jwtBody.userId, ['refreshTokens']);
+ await this.refreshTokenService.destroy(...user.refreshTokens);
res.clearCookie('_refresh_token');
return { success: true };
}
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-21 23:39:29 +0000