'use strict'

// NOTE(review): `plugin` is imported but never referenced in this file.
const { plugin } = require('@hapi/inert')
const Joi = require('joi')

// Static metadata for this route: the tag echoed back in every reply and
// the description/notes shown in the generated API docs.
// NOTE(review): the docs live under `docs.get` although the route below is
// registered as POST, and the tag reads 'jwt' although the route runs with
// auth disabled -- confirm both are intentional.
const pluginConfig = {
  handlerType: 'jwt',
  docs: {
    get: {
      description: 'removes sessionToken from activeSessions upon logout',
      notes: 'on logout, activeSessions no longer holds onto user credentials',
    },
  },
}

// Shape every reply is checked against: { ok, handler, data }.
const responseSchema = Joi.object({
  ok: Joi.bool(),
  handler: Joi.string(),
  data: Joi.object(),
}).label('validate_session_res')

/**
 * Wraps a result in the reply envelope used by this route.
 *
 * @param {boolean} ok - whether the session removal succeeded
 * @param {object} data - payload placed under `data`
 * @returns {{ok: boolean, handler: string, data: object}}
 */
const buildReply = (ok, data) => ({
  ok,
  handler: pluginConfig.handlerType,
  data,
})

/**
 * POST /removesession handler: hands the request payload to
 * userService.removeSession and reports the outcome.
 *
 * The whole payload is treated as the hashed access token; nothing in this
 * file checks its type or shape before it reaches the service.
 *
 * @param {object} request - hapi request; `payload` and `server.services()` are read
 * @param {object} h - hapi response toolkit (unused)
 * @returns {Promise<object>} the reply envelope; failures are reported in
 *   the envelope rather than thrown
 */
async function handler (request, h) {
  const hashedAccessToken = request.payload
  const { userService } = request.server.services()

  try {
    await userService.removeSession(hashedAccessToken)
  } catch (err) {
    // NOTE(review): err.message is returned verbatim to a caller that was
    // never authenticated; if the service can surface internal or driver
    // errors, consider a generic message here and logging the detail.
    return buildReply(false, { error: err.message })
  }

  return buildReply(true, { sessionTokenIsRemoved: true })
}

module.exports = {
  method: 'POST',
  path: '/removesession',
  options: {
    ...pluginConfig.docs.get,
    tags: ['api'],
    // NOTE(review): authentication is switched off for this route, so the
    // value in the payload is the only thing needed to end a session.
    // Confirm that is intended (e.g. logging out with an expired token).
    auth: false,
    cors: {
      headers: ['Authorization', 'Content-Type'],
      exposedHeaders: ['Authorization', 'Access-Control-Expose-Headers'],
    },
    handler,
    // No payload schema is declared, so this block only sets how validation
    // failures would be handled (logged); the payload itself is unchecked.
    // NOTE(review): a Joi payload schema pinning the expected token type
    // would keep unexpected shapes away from userService.removeSession.
    validate: {
      failAction: 'log',
    },
    // Replies that do not match the schema are logged, not rejected.
    response: {
      schema: responseSchema,
      failAction: 'log',
    },
  },
}