Diffstat (limited to 'server')
-rw-r--r--server/controllers/refresh_tokens.controller.ts4
-rw-r--r--server/controllers/sessions.controller.ts6
-rw-r--r--server/providers/services/refresh_tokens.service.ts4
3 files changed, 9 insertions, 5 deletions
diff --git a/server/controllers/refresh_tokens.controller.ts b/server/controllers/refresh_tokens.controller.ts
index 6aa696f..efa9035 100644
--- a/server/controllers/refresh_tokens.controller.ts
+++ b/server/controllers/refresh_tokens.controller.ts
@@ -25,14 +25,14 @@ export class RefreshTokensController {
const tokenBody = this.jwtService.parseRefreshToken(refreshToken) as RefreshTokenBody;
const user = await this.usersService.find(tokenBody.userId, ['refreshTokens', 'userRoles']);
- const userRoles = await this.rolesService.findByIds(user.userRoles.map((ur) => ur.roleId));
+ const roles = await this.rolesService.findByIds(user.userRoles.map((ur) => ur.roleId));
const userRefreshToken = user.refreshTokens.find((t) => t.id === tokenBody.id);
if (!userRefreshToken) {
throw new HttpException('User refresh token not found', 401);
}
- const token = this.jwtService.issueToken({ userId: user.id, roles: userRoles.map((r) => r.key) });
+ const token = this.jwtService.issueToken({ userId: user.id, roles: roles.map((r) => r.key) });
return { token };
}
}
diff --git a/server/controllers/sessions.controller.ts b/server/controllers/sessions.controller.ts
index e1d1155..8a85a12 100644
--- a/server/controllers/sessions.controller.ts
+++ b/server/controllers/sessions.controller.ts
@@ -8,6 +8,8 @@ import { RefreshToken } from 'server/entities/refresh_token.entity';
import { Skip } from 'server/decorators/skip.decorator';
import { AuthGuard } from 'server/providers/guards/auth.guard';
import { RolesService } from 'server/providers/services/roles.service';
+import { JwtBody } from 'server/decorators/jwt_body.decorator';
+import { JwtBodyDto } from 'server/dto/jwt_body.dto';
// this is kind of a misnomer because we are doing token based auth
// instead of session based auth
@@ -53,7 +55,9 @@ export class SessionsController {
}
@Delete('/sessions')
- async destroy(@Res({ passthrough: true }) res: Response) {
+ async destroy(@Res({ passthrough: true }) res: Response, @JwtBody() jwtBody: JwtBodyDto) {
+ const user = await this.usersService.find(jwtBody.userId, ['refreshTokens']);
+ await this.refreshTokenService.destroy(...user.refreshTokens);
res.clearCookie('_refresh_token');
return { success: true };
}
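Review bot: In `destroy`, `user.refreshTokens` is dereferenced without checking that `usersService.find` returned a user, and `res.clearCookie('_refresh_token')` now runs only after both awaits succeed. If the lookup comes back empty or the removal throws (the implementation of `find` is not visible here, so this is inferred), the logout fails and the browser keeps its refresh cookie. Clearing the cookie before the database work and guarding the revocation with `if (user?.refreshTokens.length) { await this.refreshTokenService.destroy(...user.refreshTokens); }` would keep logout reliable. The new code also revokes every refresh token the user holds, not only the one tied to the presented cookie, so it signs out all devices. If that is intended, say so in a comment such as `// logout revokes all of the user's refresh tokens (all devices)`.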
diff --git a/server/providers/services/refresh_tokens.service.ts b/server/providers/services/refresh_tokens.service.ts
index e085129..2349b23 100644
--- a/server/providers/services/refresh_tokens.service.ts
+++ b/server/providers/services/refresh_tokens.service.ts
@@ -14,7 +14,7 @@ export class RefreshTokensService {
return this.refreshTokenRespository.save(refreshToken);
}
- destroy(refreshToken: RefreshToken) {
- return this.refreshTokenRespository.remove(refreshToken);
+ destroy(...refreshTokens: RefreshToken[]) {
+ return this.refreshTokenRespository.remove(refreshTokens);
}
}
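Review bot: `RefreshTokensService.destroy` now passes an array to `remove`, so its resolved value presumably changes from a single entity to an array (assuming the repository follows the usual ORM `remove` overloads; its type is not shown). Any existing caller that reads the returned token would silently receive an array, so an explicit return type, e.g. `destroy(...refreshTokens: RefreshToken[]): Promise<RefreshToken[]>`, would let the compiler catch that. A short doc comment should also state what happens when it is called with no tokens, since the new logout path spreads `user.refreshTokens`, which can be empty.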