From d491c3b453bfed3a0c6dc3cd5c5dc86ddcc3e7a0 Mon Sep 17 00:00:00 2001
From: Regalijan
Date: Wed, 25 Oct 2023 18:50:57 -0400
Subject: [PATCH] Create jwt revocation endpoint
---
 functions/api/auth/mobile/token.ts | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/functions/api/auth/mobile/token.ts b/functions/api/auth/mobile/token.ts
index 8dc426e..c9a1256 100644
--- a/functions/api/auth/mobile/token.ts
+++ b/functions/api/auth/mobile/token.ts
@@ -1,6 +1,32 @@
 import { jsonError } from "../../../common.js";
 import tokenPrefixes from "../../../../data/token_prefixes.json";
 
+export async function onRequestDelete(context: RequestContext) {
+ const authHeader = context.request.headers.get("authorization");
+
+ if (!authHeader) return jsonError("No token provided", 401);
+
+ const payload = JSON.parse(
+ atob(authHeader.split(".")[1]).replaceAll("-", "+").replaceAll("_", "/"),
+ );
+
+ const tokenHash = await crypto.subtle.digest(
+ "SHA-512",
+ new TextEncoder().encode(payload.jti),
+ );
+
+ await context.env.DATA.delete(
+ `auth_${btoa(String.fromCharCode(...new Uint8Array(tokenHash)))
+ .replaceAll("+", "-")
+ .replaceAll("/", "_")
+ .replaceAll("=", "")}`,
+ );
+
+ return new Response(null, {
+ status: 204,
+ });
+}
+
 export async function onRequestGet(context: RequestContext) {
 const { current_user: currentUser } = context.data;
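Review bot: In `onRequestDelete` the base64url-to-base64 translation is applied to the output of `atob` rather than to the encoded payload segment, so a segment containing `-` or `_` makes `atob` throw, and any `-` or `_` inside the decoded JSON (for example a UUID-style `jti`) is rewritten before `JSON.parse`. The computed hash may then not match the stored `auth_` key, and the handler still returns 204 while the session entry stays in place. The same statement throws an unhandled exception when the header has no `.`-separated payload or the JSON is invalid, and a missing `jti` is not rejected. The fix is to normalise the segment before decoding, answer malformed input through `jsonError`, and require a non-empty string `jti`. Nothing visible in this hunk verifies the token's signature before the delete, so please confirm that middleware outside this view does so.

```typescript
const segment = authHeader.split(".")[1];
if (!segment) return jsonError("Malformed token", 400);

let jti: unknown;
try {
  // base64url -> base64 has to happen before decoding, not after
  jti = JSON.parse(
    atob(segment.replaceAll("-", "+").replaceAll("_", "/")),
  )?.jti;
} catch {
  return jsonError("Malformed token", 400);
}

if (typeof jti !== "string" || jti === "")
  return jsonError("Malformed token", 400);

// … unchanged apart from encoding jti instead of payload.jti: SHA-512 digest, DATA.delete, 204 response …
```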