From f00547de095ea6aafe9e0054dbf700fb69df33af Mon Sep 17 00:00:00 2001
From: Joseph Ditton <jditton.atomic@gmail.com>
Date: Mon, 6 Dec 2021 17:57:04 -0700
Subject: destroy all user refresh tokens on logout

---
 server/controllers/refresh_tokens.controller.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'server/controllers/refresh_tokens.controller.ts')

diff --git a/server/controllers/refresh_tokens.controller.ts b/server/controllers/refresh_tokens.controller.ts
index 6aa696f..efa9035 100644
--- a/server/controllers/refresh_tokens.controller.ts
+++ b/server/controllers/refresh_tokens.controller.ts
@@ -25,14 +25,14 @@ export class RefreshTokensController {
     const tokenBody = this.jwtService.parseRefreshToken(refreshToken) as RefreshTokenBody;
 
     const user = await this.usersService.find(tokenBody.userId, ['refreshTokens', 'userRoles']);
-    const userRoles = await this.rolesService.findByIds(user.userRoles.map((ur) => ur.roleId));
+    const roles = await this.rolesService.findByIds(user.userRoles.map((ur) => ur.roleId));
 
     const userRefreshToken = user.refreshTokens.find((t) => t.id === tokenBody.id);
     if (!userRefreshToken) {
       throw new HttpException('User refresh token not found', 401);
     }
 
-    const token = this.jwtService.issueToken({ userId: user.id, roles: userRoles.map((r) => r.key) });
+    const token = this.jwtService.issueToken({ userId: user.id, roles: roles.map((r) => r.key) });
     return { token };
   }
 }
-- 
cgit v1.2.3-70-g09d2