From 9d8a677ecff1b367f3bee86ac4b8603e8248bcf6 Mon Sep 17 00:00:00 2001 From: Kenneth Geisshirt Date: Fri, 9 Mar 2018 15:51:45 +0100 Subject: [PATCH] Revoke refresh token upon logout. (#1696) * Revoke refresh token upon logout. * Always log out --- CHANGELOG.md | 1 + lib/user-methods.js | 21 +++++++++++++++++++++ src/js_sync.hpp | 2 +- 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0fcd769e..5d29b90c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ - Method `Realm.privilges()` to compute privileges on a Realm, a Realm object schema, or a Realm object. The method returns either a `Realm.Permissions.Realm` or `Realm.Permissions.Class` object. - For non-synced Realms, all privileges are always granted. - For more details, please read the reference documentation. +* [Sync] Revoke refresh tiken upon logout (#1354). * Added `Realm.defaultSyncConfiguration()` which will return the configuration for a default synced Realm (#1688). * [Sync] Decrepated `Realm.Sync.setFeatureToken` (#1689). diff --git a/lib/user-methods.js b/lib/user-methods.js index 9634ef37..efbdfae8 100644 --- a/lib/user-methods.js +++ b/lib/user-methods.js @@ -348,6 +348,27 @@ const staticMethods = { const instanceMethods = { + logout() { + this._logout(); + const url = url_parse(this.server); + url.set('pathname', '/auth/revoke'); + const headers = { + Authorization: this.token + }; + const body = { + token: this.token + }; + const options = { + method: 'POST', + headers, + body: body, + open_timeout: 5000 + }; + + performFetch(url.href, options) + .then(() => console.log('User is logged out')) + .catch((e) => print_error(e)); + }, openManagementRealm() { let url = url_parse(this.server); if (url.protocol === 'http:') { diff --git a/src/js_sync.hpp b/src/js_sync.hpp index b78f9cba..1a3ff6d0 100644 --- a/src/js_sync.hpp +++ b/src/js_sync.hpp @@ -103,7 +103,7 @@ public: static void session_for_on_disk_path(ContextType, FunctionType, ObjectType, size_t, const ValueType[], ReturnValue &); MethodMap const methods = { - {"logout", wrap}, + {"_logout", wrap}, {"_sessionForOnDiskPath", wrap} }; };