
Commit 5c062df

committed
delete API token in logout api
1 parent c78f947 commit 5c062df


5 files changed

+51
-2
lines changed

5 files changed

+51
-2
lines changed

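--- a/cli/logout.go
+++ b/cli/logout.go
@@ -15,11 +15,16 @@ func logout() *cobra.Command {
 Use: "logout",
 Short: "Remove the local authenticated session",
 RunE: func(cmd *cobra.Command, args []string) error {
+client, err := createClient(cmd)
+if err != nil {
+return err
+}
+
 var isLoggedOut bool
 
 config := createConfig(cmd)
 
-_, err := cliui.Prompt(cmd, cliui.PromptOptions{
+_, err = cliui.Prompt(cmd, cliui.PromptOptions{
 Text: "Are you sure you want to logout?",
 IsConfirm: true,
 Default: "yes",
@@ -54,6 +59,11 @@ func logout() *cobra.Command {
 return xerrors.Errorf("remove organization file: %w", err)
 }
 
+err = client.Logout(cmd.Context())
+if err != nil {
+return xerrors.Errorf("logout: %w", err)
+}
+
 // If the user was already logged out, we show them a different message
 if isLoggedOut {
 _, _ = fmt.Fprintf(cmd.OutOrStdout(), notLoggedInMessage+"\n")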
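Review bot: `client.Logout` is called only after the local cleanup (the second hunk sits below the `remove organization file` check), so if the API call fails the command returns `logout: ...` with the local session apparently already removed and the token still valid on the server, leaving nothing to retry with. Calling it before the local cleanup, e.g. `if err := client.Logout(cmd.Context()); err != nil { return xerrors.Errorf("logout: %w", err) }` ahead of the file removals, would keep the two in step. It also runs when `isLoggedOut` is true, where the request presumably carries no valid session and the error return would hide `notLoggedInMessage`; that path looks worth a guard. The removal code and the rest of the `RunE` closure lie outside both hunks, so this is inferred from the visible context lines.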

coderd/database/querier.go

Lines changed: 1 addition & 0 deletions

coderd/database/queries.sql.go

Lines changed: 13 additions & 0 deletions

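--- a/coderd/database/queries/apikeys.sql
+++ b/coderd/database/queries/apikeys.sql
@@ -38,3 +38,10 @@ SET
 oauth_expiry = $6
 WHERE
 id = $1;
+
+-- name: DeleteAPIKeyByID :exec
+DELETE
+FROM
+api_keys
+WHERE
+id = $1;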
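Review bot: `DeleteAPIKeyByID` matches on `id` alone, so the query itself gives no protection against one user's request deleting another user's key; every caller has to take the id from the authenticated session rather than from request input. A comment above the query would record that, e.g. `-- Callers must pass the id of the authenticated key, never a client-supplied id.` Alternatively the statement could also filter on the owning user, if the table has such a column (not visible here).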

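--- a/coderd/users.go
+++ b/coderd/users.go
@@ -670,7 +670,13 @@ func (api *api) postAPIKey(rw http.ResponseWriter, r *http.Request) {
 }
 
 // Clear the user's session cookie
-func (*api) postLogout(rw http.ResponseWriter, _ *http.Request) {
+func (api *api) postLogout(rw http.ResponseWriter, r *http.Request) {
+// Delete the session token from database
+ok := api.deleteAPIKey(rw, r)
+if !ok {
+return
+}
+
 // Get a blank token cookie
 cookie := &http.Cookie{
 // MaxAge < 0 means to delete the cookie now
@@ -743,6 +749,18 @@ func (api *api) createAPIKey(rw http.ResponseWriter, r *http.Request, params dat
 return sessionToken, true
 }
 
+func (api *api) deleteAPIKey(rw http.ResponseWriter, r *http.Request) bool {
+apiKey := httpmw.APIKey(r)
+err := api.Database.DeleteAPIKeyByID(r.Context(), apiKey.ID)
+if err != nil {
+httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
+Message: fmt.Sprintf("delete api key: %s", err.Error()),
+})
+return false
+}
+return true
+}
+
 func (api *api) createUser(ctx context.Context, req codersdk.CreateUserRequest) (database.User, uuid.UUID, error) {
 var user database.User
 return user, req.OrganizationID, api.Database.InTx(func(db database.Store) error {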
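Review bot: In `postLogout`, a failed `DeleteAPIKeyByID` returns before the blank cookie is written, so the browser keeps a session cookie for a key that is still valid in the database; writing the expired cookie regardless of the delete result and then reporting the error would leave less behind. `deleteAPIKey` also copies `err.Error()` from the database into the 500 body, which can expose driver or schema detail to the caller; a fixed message such as `Message: "Internal error deleting API key."`, with the underlying error logged server-side, would be enough. `httpmw.APIKey(r)` depends on the API-key middleware having run for this route, and the route registration is not part of this commit, so that is worth confirming. The doc comment `// Clear the user's session cookie` no longer describes everything the handler does, and `postLogout`'s body continues outside the hunk.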
