Merge pull request #319 from TeamPiped/session-logout

Implement logging out of session
2022-07-20 20:36:24 +05:30 · 2022-07-20 20:36:24 +05:30 · 996cee62fd
parent 805270dd00 12c4890587
commit 996cee62fd
3 changed files with 35 additions and 0 deletions
--- a/src/main/java/me/kavin/piped/ServerLauncher.java
+++ b/src/main/java/me/kavin/piped/ServerLauncher.java
@ -345,6 +345,12 @@ public class ServerLauncher extends MultithreadedHttpServerLauncher {
                    } catch (Exception e) {
                        return getErrorResponse(e, request.getPath());
                    }
+                })).map(POST, "/logout", AsyncServlet.ofBlocking(executor, request -> {
+                    try {
+                        return getJsonResponse(ResponseHelper.logoutResponse(request.getHeader(AUTHORIZATION)), "private");
+                    } catch (Exception e) {
+                        return getErrorResponse(e, request.getPath());
+                    }
                })).map(GET, "/", AsyncServlet.ofBlocking(executor, request -> HttpResponse.redirect302(Constants.FRONTEND_URL)));

        return new CustomServletDecorator(router);
--- a/src/main/java/me/kavin/piped/utils/ResponseHelper.java
+++ b/src/main/java/me/kavin/piped/utils/ResponseHelper.java
@ -1295,6 +1295,22 @@ public class ResponseHelper {
        }
    }

+    public static final byte[] logoutResponse(String session) throws JsonProcessingException {
+
+        try (StatelessSession s = DatabaseSessionFactory.createStatelessSession()) {
+            var tr = s.beginTransaction();
+            if (s.createMutationQuery("UPDATE User user SET user.sessionId = :newSessionId where user.sessionId = :sessionId")
+                    .setParameter("sessionId", session).setParameter("newSessionId", String.valueOf(UUID.randomUUID()))
+                    .executeUpdate() > 0) {
+                tr.commit();
+                return Constants.mapper.writeValueAsBytes(new AcceptedResponse());
+            } else
+                tr.rollback();
+        }
+
+        return Constants.mapper.writeValueAsBytes(new AuthenticationFailureResponse());
+    }
+
    public static String registeredBadgeRedirect() {
        try (StatelessSession s = DatabaseSessionFactory.createStatelessSession()) {
            long registered = s.createQuery("select count(*) from User", Long.class).uniqueResult();
--- a/testing/api-test.sh
+++ b/testing/api-test.sh
@ -67,6 +67,19 @@ if [[ -z "$AUTH_TOKEN" || $AUTH_TOKEN == "null" ]]; then
    exit 1
 fi

+# Logout Session
+curl ${CURLOPTS[@]} $HOST/logout -X POST -H "Authorization: Bearer $AUTH_TOKEN" || exit 1
+
+# Login Account
+curl ${CURLOPTS[@]} $HOST/login -X POST -H "Content-Type: application/json" -d $AUTH_REQ || exit 1
+
+AUTH_TOKEN=$(curl -s -o - -f $HOST/login -X POST -H "Content-Type: application/json" -d $AUTH_REQ | jq -r .token)
+
+if [[ -z "$AUTH_TOKEN" || $AUTH_TOKEN == "null" ]]; then
+    echo "Failed to get auth token"
+    exit 1
+fi
+
 # Check Subscription Status
 curl ${CURLOPTS[@]} $HOST/subscribed -G --data-urlencode "channelId=UCsXVk37bltHxD1rDPwtNM8Q" -H "Authorization: $AUTH_TOKEN" || exit 1