This repository was archived by the owner on Nov 10, 2021. It is now read-only.

Commit 5a534e8

committed
Add token revocation
1 parent f854725 commit 5a534e8


2 files changed

+38
-16
lines changed


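--- a/server/index.js
+++ b/server/index.js
@@ -55,24 +55,35 @@ router
 auth.token,
 rp({
 uri: `${endpoint}/authenticated_user`,
-headers: {"Authorization": `Bearer ${auth.token}`}
+headers: {"Authorization": `Bearer ${auth.token}`},
+json: true
 })
 ])
 })
 .then(([token, user]) => Promise.all([
-user,
-rp({
-method: "DELETE",
-uri: `${endpoint}/access_tokens/${token}`
-})
-])
-)
-.then(([user]) => {
+user,
+rp({
+method: "DELETE",
+uri: `${endpoint}/access_tokens/${token}`
+})
+]))
+.then(([user]) => Promise.all([
+user.id,
+knex.first("id").where({id: user.id}).from("users"),
+]))
+.then(([id, exists]) => {
 const token = uuid.v1()
-return Promise.all([
-token,
-knex("users").insert({id: user.id, token, source: "qiita"})
-])
+if (!exists) {
+return Promise.all([
+token,
+knex("users").insert({id, token, revoked: false})
+])
+} else {
+return Promise.all([
+token,
+knex("users").where({id}).update({revoked: false, token})
+])
+}
 })
 .then(([token]) => {
 ctx.redirect(`${ctx.cookies.get("callback")}?token=${token}`)
@@ -82,7 +93,18 @@ router
 console.error(err)
 ctx.throw(500)
 })
-await next()
+})
+.delete("/auth/token/:token", async (ctx, next) => {
+const {token} = ctx.params
+await knex.first("id", "revoked").where("token", token).from("users")
+.then(user => {
+ctx.assert(user, 404)
+ctx.assert(!user.revoked, 400)
+return knex("users").where({id: user.id}).update({revoked: true})
+})
+.then(() => {
+ctx.body = {complete: true}
+})
 })
 
 // Dislike API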
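Review bot: The new `.delete("/auth/token/:token", …)` handler only sets `revoked: true` and leaves the token value in the row, and nothing in the visible hunks rejects a revoked token; the bearer-token lookup used by the other routes is outside this diff, so it needs to filter on `revoked: false` or a revoked token keeps working. Clearing the credential in the same statement makes revocation hold even if a lookup forgets the flag: `update({revoked: true, token: null})`. The token is also carried in the URL path, where it ends up in access and proxy logs; reading it from the `Authorization: Bearer` header would keep it out of them. Separately, the replacement token is still generated with `uuid.v1()`, which is built from a timestamp and node id rather than random data, so a value from `crypto.randomBytes` would be a safer bearer credential.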

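--- a/server/init_db.js
+++ b/server/init_db.js
@@ -13,7 +13,7 @@ const knex = require("knex")({
 knex.schema.createTableIfNotExists("users", (table) => {
 table.string("id").primary()
 table.string("token")
-table.string("source")
+table.boolean("revoked")
 table.timestamps()
 })
 .then(() => console.log("Users table initialize done."))
@@ -31,7 +31,7 @@ knex.schema.createTableIfNotExists("item_dislike", (table) => {
 // Create test account
 const token = uuid.v1()
 const suffix = new Date().getMilliseconds()
-knex("users").insert({id: `testuser${suffix}`, token: token, source: "github" })
+knex("users").insert({id: `testuser${suffix}`, token: token, revoked: false })
 .then(() => console.log(`New user testuser${suffix} created.
 Request with "Authorization: Bearer ${token}" http header.
 `))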
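Review bot: `createTableIfNotExists("users", …)` does nothing when the table already exists, so a database created before this commit keeps the `source` column and never gets `revoked`, and the inserts and updates that now write `revoked` would presumably fail there (the deployment state is not visible from this diff); existing installs need an explicit migration that adds the column. The new column also has no default and allows NULL, so a row written without it is neither clearly revoked nor clearly active; `table.boolean("revoked").notNullable().defaultTo(false)` pins the state. The test-account code in the second hunk still prints the bearer token to the console, which deserves a comment such as `// dev only: prints a live credential to stdout`.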
