feat: add logout endpoint

2024-03-17 09:27:57 -04:00 · 2024-03-17 09:27:57 -04:00 · e73ab26ebf
parent 0e18f695cf
commit e73ab26ebf
3 changed files with 34 additions and 0 deletions
--- a/account/jwt.go
+++ b/account/jwt.go
@ -121,3 +121,26 @@ func SetAuthCookie(jc jape.Context, jwt string, apiName string) {
 		})
 	}
 }
+
+func ClearAuthCookie(jc jape.Context, apiName string) {
+	for name, api := range apiRegistry.GetAllAPIs() {
+		routeableApi, ok := api.(router.RoutableAPI)
+		if !ok {
+			continue
+		}
+
+		if len(apiName) > 0 && apiName != name {
+			continue
+		}
+
+		http.SetCookie(jc.ResponseWriter, &http.Cookie{
+			Name:     routeableApi.AuthTokenName(),
+			Value:    "",
+			Expires:  time.Now().Add(-1 * time.Hour),
+			Secure:   true,
+			HttpOnly: true,
+			Path:     "/",
+			Domain:   routeableApi.Domain(),
+		})
+	}
+}
--- a/api/account/account.go
+++ b/api/account/account.go
@ -304,6 +304,10 @@ func (a AccountAPI) accountInfo(jc jape.Context) {

 }

+func (a AccountAPI) logout(c jape.Context) {
+	account.ClearAuthCookie(c, "")
+}
+
 func (a *AccountAPI) Routes() (*httprouter.Router, error) {
 	loginAuthMw2fa := authMiddleware(middleware.AuthMiddlewareOptions{
 		Identity:     a.identity,
@ -375,6 +379,7 @@ func (a *AccountAPI) Routes() (*httprouter.Router, error) {
 		"POST /api/auth/otp/disable":            middleware.ApplyMiddlewares(a.otpDisable, authMw, middleware.ProxyMiddleware),
 		"POST /api/auth/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, middleware.ProxyMiddleware),
 		"POST /api/auth/password-reset/confirm": middleware.ApplyMiddlewares(a.passwordResetConfirm, middleware.ProxyMiddleware),
+		"POST /api/auth/logout":                 middleware.ApplyMiddlewares(a.logout, authMw, middleware.ProxyMiddleware),
 		"GET /*path":                            getHandler,
 	}

--- a/api/account/swagger.yaml
+++ b/api/account/swagger.yaml
@ -22,6 +22,12 @@ paths:
                                $ref: '#/components/schemas/LoginResponse'
                '401':
                    description: Unauthorized
+    /api/auth/logout:
+        post:
+            summary: Logout of account service
+            responses:
+                '200':
+                    description: Successfully logged out
    /api/auth/register:
        post:
            summary: Register a new account