add user logout to openx

access token is invalidated by creating a new one, forcing other token
requesting services to request a new token

Author: Varunram

Dockerfile

@@ -2,7 +2,7 @@ FROM golang:alpine AS builder
 RUN apk update && apk add --no-cache git ca-certificates && update-ca-certificates
 WORKDIR $GOPATH/src/github.com/YaleOpenLab/openx
 COPY . .
-RUN go mod download -x
+RUN go mod download
 RUN go mod verify
 RUN GOOS=linux GOARCH=amd64 go build -ldflags="-w -s" -o openx
 RUN ["cp", "dummyconfig.yaml", "config.yaml"]

README.md

@@ -35,7 +35,7 @@ The goal of openx is to have a common interface between all parties that relate
 
 Openx builds are available at [builds.openx.solar](builds.openx.solar)
 
-Docker image available [Docker Hub](https://hub.docker.com/repository/docker/varunramg/openx)
+Docker image available at [Docker Hub](https://hub.docker.com/repository/docker/varunramg/openx)
 
 ### Installing from PPA
 

database/user.go

@@ -590,6 +590,13 @@ func (a *User) GenAccessToken() (string, error) {
 	return a.AccessToken, nil
 }
 
+// AllLogout invalidates the user access token
+func (a *User) AllLogout() error {
+	a.AccessToken = utils.GetRandomString(consts.AccessTokenLength)
+	a.AccessTokenTimeout = utils.Unix()
+	return a.Save()
+}
+
 // AddtoMailbox adds a message to a user's mailbox
 func (a *User) AddtoMailbox(subject string, message string) error {
 	var x MailboxHelper

rpc/users.go

@@ -2,7 +2,6 @@ package rpc
 
 import (
 	"encoding/hex"
-	"encoding/json"
 	"io/ioutil"
 	"log"
 	"math"
@@ -39,7 +38,6 @@ var UserRPC = map[int][]string{
 	11: []string{"/user/trustasset", "GET", "assetCode", "assetIssuer", "limit", "seedpwd"},        // GET
 	12: []string{"/upload", "POST"},                                                                // POST
 	13: []string{"/platformemail", "GET"},                                                          // GET
-	16: []string{"/tellerping", "GET"},                                                             // GET
 	17: []string{"/user/increasetrustlimit", "GET", "trust", "seedpwd"},                            // GET
 	19: []string{"/user/sendrecovery", "GET", "email1", "email2", "email3"},                        // GET
 	20: []string{"/user/seedrecovery", "GET", "secret1", "secret2"},                                // GET
@@ -60,11 +58,13 @@ var UserRPC = map[int][]string{
 	36: []string{"/user/progress", "POST", "progress"},                                             // POST
 	37: []string{"/user/update", "POST"},                                                           // POST
 	38: []string{"/user/tellerfile", "GET"},                                                        // GET
+	39: []string{"/user/logout", "POST"},                                                           // POST
 
 	30: []string{"/user/anchorusd/kyc", "GET", "name", "bdaymonth", "bdayday", "bdayyear", "taxcountry", // GET
 		"taxid", "addrstreet", "addrcity", "addrpostal", "addrregion", "addrcountry", "addrphone", "primaryphone", "gender"},
 	// 14: []string{"/tellershutdown", "projIndex", "deviceId", "tx1", "tx2"},
 	// 15: []string{"/tellerpayback", "deviceId", "projIndex"},
+	// 16: []string{"/tellerping", "GET", "index"},
 	// 18: []string{"/utils/addhash", "projIndex", "choice", "choicestr"},
 }
 
@@ -84,11 +84,7 @@ func setupUserRpcs() {
 	trustAsset()
 	uploadFile()
 	platformEmail()
-	// sendTellerShutdownEmail()
-	// sendTellerFailedPaybackEmail()
-	tellerPing()
 	increaseTrustLimit()
-	// addContractHash()
 	sendSecrets()
 	mergeSecrets()
 	generateNewSecrets()
@@ -109,6 +105,12 @@ func setupUserRpcs() {
 	updateProgress()
 	updateUser()
 	downloadTeller()
+	logout()
+
+	// sendTellerShutdownEmail()
+	// sendTellerFailedPaybackEmail()
+	// tellerPing()
+	// addContractHash()
 }
 
 const (
@@ -611,32 +613,6 @@ func platformEmail() {
 	})
 }
 
-// tellerPing pings the teller to check if its up
-func tellerPing() {
-	http.HandleFunc(UserRPC[16][0], func(w http.ResponseWriter, r *http.Request) {
-		_, err := userValidateHelper(w, r, UserRPC[16][2:], UserRPC[16][1])
-		if err != nil {
-			return
-		}
-
-		data, err := erpc.GetRequest(TellerUrl + "/ping")
-		if err != nil {
-			erpc.ResponseHandler(w, erpc.StatusInternalServerError)
-			return
-		}
-
-		var x erpc.StatusResponse
-
-		err = json.Unmarshal(data, &x)
-		if err != nil {
-			erpc.ResponseHandler(w, erpc.StatusInternalServerError)
-			return
-		}
-
-		erpc.MarshalSend(w, x)
-	})
-}
-
 // increaseTrustLimit increases the trust limit a user has towards a specific asset on stellar
 func increaseTrustLimit() {
 	http.HandleFunc(UserRPC[17][0], func(w http.ResponseWriter, r *http.Request) {
@@ -1415,3 +1391,23 @@ func downloadTeller() {
 		http.ServeFile(w, r, "screenlog.0")
 	})
 }
+
+// logout logs out from all devices
+func logout() {
+	http.HandleFunc(UserRPC[39][0], func(w http.ResponseWriter, r *http.Request) {
+		//_, err := userValidateHelper(w, r, UserRPC[38][2:], UserRPC[38][1])
+		user, err := userValidateHelper(w, r, UserRPC[39][2:], UserRPC[39][1])
+		if err != nil {
+			return
+		}
+
+		err = user.AllLogout() // generate a new token to invalidate the old one
+		if err != nil {
+			log.Println(err)
+			erpc.ResponseHandler(w, erpc.StatusInternalServerError)
+			return
+		}
+
+		erpc.ResponseHandler(w, erpc.StatusOK)
+	})
+}