regalijan/car-crushers-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Create jwt revocation endpoint

Browse Source
This commit is contained in:
Regalijan 2023-10-25 18:50:57 -04:00
parent 7281d73509
commit d491c3b453
Signed by: regalijan
GPG Key ID: 5D4196DA269EF520
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
functions/api/auth/mobile/token.ts
View File

@ -1,6 +1,32 @@
import { jsonError } from "../../../common.js"; import { jsonError } from "../../../common.js";
import tokenPrefixes from "../../../../data/token_prefixes.json"; import tokenPrefixes from "../../../../data/token_prefixes.json";
export async function onRequestDelete(context: RequestContext) {
const authHeader = context.request.headers.get("authorization");
if (!authHeader) return jsonError("No token provided", 401);
const payload = JSON.parse(
atob(authHeader.split(".")[1]).replaceAll("-", "+").replaceAll("_", "/"),
);
const tokenHash = await crypto.subtle.digest(
"SHA-512",
new TextEncoder().encode(payload.jti),
);
await context.env.DATA.delete(
`auth_${btoa(String.fromCharCode(...new Uint8Array(tokenHash)))
.replaceAll("+", "-")
.replaceAll("/", "_")
.replaceAll("=", "")}`,
);
return new Response(null, {
status: 204,
});
}
export async function onRequestGet(context: RequestContext) { export async function onRequestGet(context: RequestContext) {
const { current_user: currentUser } = context.data; const { current_user: currentUser } = context.data;