monkeytypegame/monkeytype
1
1
Fork 0
mirror of https://github.com/monkeytypegame/monkeytype.git synced 2025-10-29 10:17:30 +08:00
Code Issues Projects Releases Packages Wiki Activity

fix(server): rework 'revoke all tokens' flow (hattorius) (#4717)

Browse source 
* Remove tokens from cache

* Async method not necessary

* Whoops

* Better naming

* smol name change

* uncomment settings section

---------

Co-authored-by: Miodec <jack@monkeytype.com>
This commit is contained in:
Aaron 2023-10-17 00:57:14 +09:00 committed by GitHub
parent d8a4dbac94
commit 3a4d8effdb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
backend/src/api/controllers/user.ts
View file

@ -25,6 +25,7 @@ import { ObjectId } from "mongodb";
import * as ReportDAL from "../../dal/report";
import emailQueue from "../../queues/email-queue";
import FirebaseAdmin from "../../init/firebase-admin";
import { removeTokensFromCacheByUid } from "../../utils/auth";
async function verifyCaptcha(captcha: string): Promise<void> {
if (!(await verify(captcha))) {
@ -897,5 +898,6 @@ export async function revokeAllTokens(
): Promise<MonkeyResponse> {
const { uid } = req.ctx.decodedToken;
await FirebaseAdmin().auth().revokeRefreshTokens(uid);
removeTokensFromCacheByUid(uid);
return new MonkeyResponse("All tokens revoked");
}

8
backend/src/utils/auth.ts
View file

@ -58,3 +58,11 @@ export async function updateUserEmail(
emailVerified: false,
});
}
export function removeTokensFromCacheByUid(uid: string): void {
for (const entry of tokenCache.entries()) {
if (entry[1].uid === uid) {
tokenCache.delete(entry[0]);
}
}
}

4
frontend/static/html/pages/settings.html
View file

@ -2900,7 +2900,7 @@
</div>
</div>
</div>
<!-- <div class="section revokeAllTokens">
<div class="section revokeAllTokens">
<div class="groupTitle">
<i class="fas fa-user-slash"></i>
<span>revoke all tokens</span>
@ -2921,7 +2921,7 @@
revoke all tokens
</div>
</div>
</div> -->
</div>
<div class="section resetSettings">
<div class="groupTitle">
<i class="fas fa-redo-alt"></i>