From f55ee02ce51e84f45d6100194665a360a3038349 Mon Sep 17 00:00:00 2001
From: Isaac <git@eartharoid.me>
Date: Fri, 10 Mar 2023 23:42:39 +0000
Subject: [PATCH] fix: revoke token on logout

---
 src/routes/auth/logout.js | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/routes/auth/logout.js b/src/routes/auth/logout.js
index 4e5910c..82677f6 100644
--- a/src/routes/auth/logout.js
+++ b/src/routes/auth/logout.js
@@ -1,7 +1,13 @@
-module.exports.get = () => ({
+module.exports.get = fastify => ({
 	handler: async function (req, res) {
+		await fetch('https://discord.com/api/oauth2/token/revoke', {
+			body: new URLSearchParams({ token: req.user.payload.accessToken }).toString(),
+			headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+			method: 'POST',
+		});
 		res
 			.clearCookie('token', '/')
-			.send('Logged out.');
+			.send('The token has been revoked.');
 	},
+	onRequest: [fastify.authenticate],
 });
\ No newline at end of file