From 3e7127a3d9e4061fffac1ae47f01369069365d99 Mon Sep 17 00:00:00 2001
From: Isaac <git@eartharoid.me>
Date: Sun, 21 Jan 2024 01:54:01 +0000
Subject: [PATCH] fix: actually revoke the token

---
 src/routes/auth/logout.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/routes/auth/logout.js b/src/routes/auth/logout.js
index 3e8b164..bf5908c 100644
--- a/src/routes/auth/logout.js
+++ b/src/routes/auth/logout.js
@@ -5,7 +5,11 @@ module.exports.get = fastify => ({
 		const { accessToken } = req.user;
 
 		await fetch('https://discord.com/api/oauth2/token/revoke', {
-			body: new URLSearchParams({ token: accessToken }).toString(),
+			body: new URLSearchParams({
+				client_id: req.routeOptions.config.client.user.id,
+				client_secret: process.env.DISCORD_SECRET,
+				token: accessToken,
+			}).toString(),
 			headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
 			method: 'POST',
 		});