Merge pull request #319 from TeamPiped/session-logout

Implement logging out of session

src/main/java/me/kavin/piped/ServerLauncher.java

@@ -345,6 +345,12 @@ public class ServerLauncher extends MultithreadedHttpServerLauncher {
                     } catch (Exception e) {
                         return getErrorResponse(e, request.getPath());
                     }
+                })).map(POST, "/logout", AsyncServlet.ofBlocking(executor, request -> {
+                    try {
+                        return getJsonResponse(ResponseHelper.logoutResponse(request.getHeader(AUTHORIZATION)), "private");
+                    } catch (Exception e) {
+                        return getErrorResponse(e, request.getPath());
+                    }
                 })).map(GET, "/", AsyncServlet.ofBlocking(executor, request -> HttpResponse.redirect302(Constants.FRONTEND_URL)));
 
         return new CustomServletDecorator(router);

src/main/java/me/kavin/piped/utils/ResponseHelper.java

@@ -1295,6 +1295,22 @@ public class ResponseHelper {
         }
     }
 
+    public static final byte[] logoutResponse(String session) throws JsonProcessingException {
+
+        try (StatelessSession s = DatabaseSessionFactory.createStatelessSession()) {
+            var tr = s.beginTransaction();
+            if (s.createMutationQuery("UPDATE User user SET user.sessionId = :newSessionId where user.sessionId = :sessionId")
+                    .setParameter("sessionId", session).setParameter("newSessionId", String.valueOf(UUID.randomUUID()))
+                    .executeUpdate() > 0) {
+                tr.commit();
+                return Constants.mapper.writeValueAsBytes(new AcceptedResponse());
+            } else
+                tr.rollback();
+        }
+
+        return Constants.mapper.writeValueAsBytes(new AuthenticationFailureResponse());
+    }
+
     public static String registeredBadgeRedirect() {
         try (StatelessSession s = DatabaseSessionFactory.createStatelessSession()) {
             long registered = s.createQuery("select count(*) from User", Long.class).uniqueResult();

testing/api-test.sh

@@ -67,6 +67,19 @@ if [[ -z "$AUTH_TOKEN" || $AUTH_TOKEN == "null" ]]; then
     exit 1
 fi
 
+# Logout Session
+curl ${CURLOPTS[@]} $HOST/logout -X POST -H "Authorization: Bearer $AUTH_TOKEN" || exit 1
+
+# Login Account
+curl ${CURLOPTS[@]} $HOST/login -X POST -H "Content-Type: application/json" -d $AUTH_REQ || exit 1
+
+AUTH_TOKEN=$(curl -s -o - -f $HOST/login -X POST -H "Content-Type: application/json" -d $AUTH_REQ | jq -r .token)
+
+if [[ -z "$AUTH_TOKEN" || $AUTH_TOKEN == "null" ]]; then
+    echo "Failed to get auth token"
+    exit 1
+fi
+
 # Check Subscription Status
 curl ${CURLOPTS[@]} $HOST/subscribed -G --data-urlencode "channelId=UCsXVk37bltHxD1rDPwtNM8Q" -H "Authorization: $AUTH_TOKEN" || exit 1