chore(server): remove token when logged out (#1560)

* chore(mobile): invoke logout() on mobile app * feat: add mechanism to delete token from logging out endpoint * fix: set state after login sequence success * fix: not removing token when logging out from OAuth * fix: prettier * refactor: using accessTokenId to delete * chore: pr comments * fix: test * fix: test threshold
2025-12-23 09:15:05 +03:00 · 2023-02-05 23:31:16 -06:00
parent 16183791f3
commit 7dbddba757
9 changed files with 37 additions and 21 deletions
--- a/server/libs/domain/src/user-token/user-token.core.ts
+++ b/server/libs/domain/src/user-token/user-token.core.ts
@@ -9,28 +9,22 @@ export class UserTokenCore {

  async validate(tokenValue: string) {
    const hashedToken = this.crypto.hashSha256(tokenValue);
-    const user = await this.getUserByToken(hashedToken);
-    if (user) {
+    const token = await this.repository.get(hashedToken);
+
+    if (token?.user) {
      return {
-        ...user,
+        ...token.user,
        isPublicUser: false,
        isAllowUpload: true,
        isAllowDownload: true,
        isShowExif: true,
+        accessTokenId: token.id,
      };
    }

    throw new UnauthorizedException('Invalid user token');
  }

-  public async getUserByToken(tokenValue: string): Promise<UserEntity | null> {
-    const token = await this.repository.get(tokenValue);
-    if (token?.user) {
-      return token.user;
-    }
-    return null;
-  }
-
  public async createToken(user: UserEntity): Promise<string> {
    const key = this.crypto.randomBytes(32).toString('base64').replace(/\W/g, '');
    const token = this.crypto.hashSha256(key);
@@ -41,4 +35,8 @@ export class UserTokenCore {

    return key;
  }
+
+  public async deleteToken(id: string): Promise<void> {
+    await this.repository.delete(id);
+  }
 }