KevinMidboe/immich
1
0
Fork 0
mirror of https://github.com/KevinMidboe/immich.git synced 2025-12-08 12:19:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(server): remove token when logged out (#1560)

Browse Source 
* chore(mobile): invoke logout() on mobile app

* feat: add mechanism to delete token from logging out endpoint

* fix: set state after login sequence success

* fix: not removing token when logging out from OAuth

* fix: prettier

* refactor: using accessTokenId to delete

* chore: pr comments

* fix: test

* fix: test threshold
This commit is contained in:
Alex
2023-02-05 23:31:16 -06:00
committed by GitHub
parent 16183791f3
commit 7dbddba757
9 changed files with 37 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/libs/domain/src/auth/auth.service.spec.ts
View File

@@ -26,7 +26,7 @@ import { IUserRepository } from '../user';
import { IUserTokenRepository } from '../user-token';
import { AuthType } from './auth.constant';
import { AuthService } from './auth.service';
import { SignUpDto } from './dto';
import { AuthUserDto, SignUpDto } from './dto';
// const token = Buffer.from('my-api-key', 'utf8').toString('base64');
@@ -192,14 +192,18 @@ describe('AuthService', () => {
describe('logout', () => {
it('should return the end session endpoint', async () => {
await expect(sut.logout(AuthType.OAUTH)).resolves.toEqual({
const authUser = { id: '123' } as AuthUserDto;
await expect(sut.logout(authUser, AuthType.OAUTH)).resolves.toEqual({
successful: true,
redirectUri: 'http://end-session-endpoint',
});
});
it('should return the default redirect', async () => {
await expect(sut.logout(AuthType.PASSWORD)).resolves.toEqual({
const authUser = { id: '123' } as AuthUserDto;
await expect(sut.logout(authUser, AuthType.PASSWORD)).resolves.toEqual({
successful: true,
redirectUri: '/auth/login?autoLaunch=0',
});

6
server/libs/domain/src/auth/auth.service.ts
View File

@@ -76,7 +76,11 @@ export class AuthService {
return this.authCore.createLoginResponse(user, AuthType.PASSWORD, isSecure);
}
public async logout(authType: AuthType): Promise<LogoutResponseDto> {
public async logout(authUser: AuthUserDto, authType: AuthType): Promise<LogoutResponseDto> {
if (authUser.accessTokenId) {
await this.userTokenCore.deleteToken(authUser.accessTokenId);
}
if (authType === AuthType.OAUTH) {
const url = await this.oauthCore.getLogoutEndpoint();
if (url) {

1
server/libs/domain/src/auth/dto/auth-user.dto.ts
View File

@@ -7,4 +7,5 @@ export class AuthUserDto {
isAllowUpload?: boolean;
isAllowDownload?: boolean;
isShowExif?: boolean;
accessTokenId?: string;
}