Merge branch 'revoke-token' into 'develop'
Revoke oAuth token on logout Closes pleroma#952 See merge request pleroma/pleroma-fe!864
This commit is contained in:
commit
171673113f
3 changed files with 50 additions and 9 deletions
|
@ -48,6 +48,11 @@ module.exports = {
|
||||||
changeOrigin: true,
|
changeOrigin: true,
|
||||||
cookieDomainRewrite: 'localhost',
|
cookieDomainRewrite: 'localhost',
|
||||||
ws: true
|
ws: true
|
||||||
|
},
|
||||||
|
'/oauth/revoke': {
|
||||||
|
target,
|
||||||
|
changeOrigin: true,
|
||||||
|
cookieDomainRewrite: 'localhost'
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
// CSS Sourcemaps off by default because relative paths are "buggy"
|
// CSS Sourcemaps off by default because relative paths are "buggy"
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
import backendInteractorService from '../services/backend_interactor_service/backend_interactor_service.js'
|
import backendInteractorService from '../services/backend_interactor_service/backend_interactor_service.js'
|
||||||
import userSearchApi from '../services/new_api/user_search.js'
|
import userSearchApi from '../services/new_api/user_search.js'
|
||||||
|
import oauthApi from '../services/new_api/oauth.js'
|
||||||
import { compact, map, each, merge, last, concat, uniq } from 'lodash'
|
import { compact, map, each, merge, last, concat, uniq } from 'lodash'
|
||||||
import { set } from 'vue'
|
import { set } from 'vue'
|
||||||
import { registerPushNotifications, unregisterPushNotifications } from '../services/push/push.js'
|
import { registerPushNotifications, unregisterPushNotifications } from '../services/push/push.js'
|
||||||
|
@ -397,14 +398,34 @@ const users = {
|
||||||
},
|
},
|
||||||
|
|
||||||
logout (store) {
|
logout (store) {
|
||||||
store.commit('clearCurrentUser')
|
const { oauth, instance } = store.rootState
|
||||||
store.dispatch('disconnectFromChat')
|
|
||||||
store.commit('clearToken')
|
const data = {
|
||||||
store.dispatch('stopFetching', 'friends')
|
...oauth,
|
||||||
store.commit('setBackendInteractor', backendInteractorService(store.getters.getToken()))
|
commit: store.commit,
|
||||||
store.dispatch('stopFetching', 'notifications')
|
instance: instance.server
|
||||||
store.commit('clearNotifications')
|
}
|
||||||
store.commit('resetStatuses')
|
|
||||||
|
return oauthApi.getOrCreateApp(data)
|
||||||
|
.then((app) => {
|
||||||
|
const params = {
|
||||||
|
app,
|
||||||
|
instance: data.instance,
|
||||||
|
token: oauth.userToken
|
||||||
|
}
|
||||||
|
|
||||||
|
return oauthApi.revokeToken(params)
|
||||||
|
})
|
||||||
|
.then(() => {
|
||||||
|
store.commit('clearCurrentUser')
|
||||||
|
store.dispatch('disconnectFromChat')
|
||||||
|
store.commit('clearToken')
|
||||||
|
store.dispatch('stopFetching', 'friends')
|
||||||
|
store.commit('setBackendInteractor', backendInteractorService(store.getters.getToken()))
|
||||||
|
store.dispatch('stopFetching', 'notifications')
|
||||||
|
store.commit('clearNotifications')
|
||||||
|
store.commit('resetStatuses')
|
||||||
|
})
|
||||||
},
|
},
|
||||||
loginUser (store, accessToken) {
|
loginUser (store, accessToken) {
|
||||||
return new Promise((resolve, reject) => {
|
return new Promise((resolve, reject) => {
|
||||||
|
|
|
@ -125,13 +125,28 @@ const verifyRecoveryCode = ({app, instance, mfaToken, code}) => {
|
||||||
}).then((data) => data.json())
|
}).then((data) => data.json())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const revokeToken = ({ app, instance, token }) => {
|
||||||
|
const url = `${instance}/oauth/revoke`
|
||||||
|
const form = new window.FormData()
|
||||||
|
|
||||||
|
form.append('client_id', app.clientId)
|
||||||
|
form.append('client_secret', app.clientSecret)
|
||||||
|
form.append('token', token)
|
||||||
|
|
||||||
|
return window.fetch(url, {
|
||||||
|
method: 'POST',
|
||||||
|
body: form
|
||||||
|
}).then((data) => data.json())
|
||||||
|
}
|
||||||
|
|
||||||
const oauth = {
|
const oauth = {
|
||||||
login,
|
login,
|
||||||
getToken,
|
getToken,
|
||||||
getTokenWithCredentials,
|
getTokenWithCredentials,
|
||||||
getOrCreateApp,
|
getOrCreateApp,
|
||||||
verifyOTPCode,
|
verifyOTPCode,
|
||||||
verifyRecoveryCode
|
verifyRecoveryCode,
|
||||||
|
revokeToken
|
||||||
}
|
}
|
||||||
|
|
||||||
export default oauth
|
export default oauth
|
||||||
|
|
Loading…
Reference in a new issue