Create jwt revocation endpoint

functions/api/auth/mobile/token.ts

@@ -1,6 +1,32 @@
 import { jsonError } from "../../../common.js";
 import tokenPrefixes from "../../../../data/token_prefixes.json";
 
+export async function onRequestDelete(context: RequestContext) {
+  const authHeader = context.request.headers.get("authorization");
+
+  if (!authHeader) return jsonError("No token provided", 401);
+
+  const payload = JSON.parse(
+    atob(authHeader.split(".")[1]).replaceAll("-", "+").replaceAll("_", "/"),
+  );
+
+  const tokenHash = await crypto.subtle.digest(
+    "SHA-512",
+    new TextEncoder().encode(payload.jti),
+  );
+
+  await context.env.DATA.delete(
+    `auth_${btoa(String.fromCharCode(...new Uint8Array(tokenHash)))
+      .replaceAll("+", "-")
+      .replaceAll("/", "_")
+      .replaceAll("=", "")}`,
+  );
+
+  return new Response(null, {
+    status: 204,
+  });
+}
+
 export async function onRequestGet(context: RequestContext) {
   const { current_user: currentUser } = context.data;