fix: revoke token on logout

2024-11-05 04:13:08 +02:00 · 2023-03-10 23:42:39 +00:00 · 2023-03-10 23:42:39 +00:00 · f55ee02ce5
commit f55ee02ce5
parent daadb5fe85
1 changed files with 8 additions and 2 deletions
--- a/src/routes/auth/logout.js
+++ b/src/routes/auth/logout.js
@ -1,7 +1,13 @@
-module.exports.get = () => ({
+module.exports.get = fastify => ({
 	handler: async function (req, res) {
+		await fetch('https://discord.com/api/oauth2/token/revoke', {
+			body: new URLSearchParams({ token: req.user.payload.accessToken }).toString(),
+			headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+			method: 'POST',
+		});
 		res
 			.clearCookie('token', '/')
-			.send('Logged out.');
+			.send('The token has been revoked.');
 	},
+	onRequest: [fastify.authenticate],
 });