diff --git a/_source/_posts/2024-04-30-express-universal-logout.md b/_source/_posts/2024-04-30-express-universal-logout.md index dbd579e73..034339e13 100644 --- a/_source/_posts/2024-04-30-express-universal-logout.md +++ b/_source/_posts/2024-04-30-express-universal-logout.md @@ -105,7 +105,7 @@ import { Router } from 'express'; export const universalLogoutRoute = Router(); ``` -Let's add the UL route to this file: +Let's add the UL route to this file as well: ```ts import { Router } from 'express'; 
@@ -183,22 +183,72 @@ universalLogoutRoute.post('/global-token-revocation', async (req, res) => { if (!req.body) { res.status(400); } - - // Find the user by email linked to the org id associated with the API key provided - const domainOrgId = req['user']['id'] + + // Find the user const newRequest:IRequestSchema = req.body; const { email } = newRequest.sub_id; const user = await prisma.user.findFirst({ where: { - email: email, - org: { id: domainOrgId }, + email: email }, }); + return res.sendStatus(httpStatus); - // 404 User not found + // 404 User not found + if (!user) { + res.sendStatus(404); + } + +}); + +universalLogoutRoute.use((err,req,res,next) => { + if(err){ + return res.sendStatus(404) + } +}) +``` +The apps/api/src/universalLogout.ts file now looks like the following: + +```ts +import { Router } from 'express'; +export const universalLogoutRoute = Router(); +import { PrismaClient } from '@prisma/client'; +const prisma = new PrismaClient(); + +interface IRequestSchema { + 'sub_id': {format:string; email: string}; +} +universalLogoutRoute.post('/global-token-revocation', async (req, res) => { + // 204 When the request is successful + const httpStatus = 204; + + // 400 If the request is malformed + if (!req.body) { + res.status(400); + } + + // Find the user + const newRequest:IRequestSchema = req.body; + const { email } = newRequest.sub_id; + const user = await prisma.user.findFirst({ + where: { + email: email + }, + }); + return res.sendStatus(httpStatus); + + // 404 User not found if (!user) { res.sendStatus(404); } + +}); + +universalLogoutRoute.use((err,req,res,next) => { + if(err){ + return res.sendStatus(404) + } +}) ``` >**Checkpoint**: Now is an excellent time to test our code. 
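Review bot: In both the edited snippet and the added full listing of apps/api/src/universalLogout.ts, `return res.sendStatus(httpStatus);` sits before the `if (!user)` check, so the 404 branch is unreachable and the handler answers 204 for any email, known or not. Move the success return to the end of the handler and make the check end the request: `if (!user) { return res.sendStatus(404); }` followed by `return res.sendStatus(httpStatus);`. The 400 branch has a related problem: `res.status(400);` neither sends nor returns, so a request without a body continues on to `newRequest.sub_id`; `return res.sendStatus(400);` would stop it there. The added error middleware answers 404 for every error that reaches it, which reports unexpected failures as "user not found"; a 500 for anything other than a missing user keeps the two cases apart. With the org filter removed the lookup is by email alone, and this step appears to come before the authentication added later in the post, so a one-line caveat at the checkpoint would help readers who stop here (the first snippet's handler begins above the hunk).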
@@ -405,6 +455,20 @@ universalLogoutRoute.use((err,req,res,next) => { } }) ``` +So now let's do another test to make sure the authentication piece we added is working. We'll need to modify our cURL request to include an Authorization header with a `Bearer 131313`. This should result in a 204 response. + +```http +curl --request POST \ + --url http://localhost:3333/global-token-revocation \ + --header 'Authorization: Bearer 131313' \ + --header 'Content-Type: application/json' \ + --data '{ + "sub_id": { + "format": "email", + "email": "trinity@whiterabbit.fake" + } +}' +``` Moving right along, now that we have the target user of a specific org. Let's figure out how to target their application session and end it. @@ -527,7 +591,7 @@ universalLogoutRoute.post('/global-token-revocation', async (req, res) => { } // Find the user by email linked to the org id associated with the API key provided - const domainOrgId = req['user']['id'] + const domainOrgId = req['user']['id'] const newRequest:IRequestSchema = req.body; const { email } = newRequest.sub_id; const user = await prisma.user.findFirst({ @@ -602,7 +666,7 @@ if (!res.ok) }} ``` -The onNewTask function will now look like this: +The onNewTask function will now look like this with a change made only to the `onNewTAsk` function: ```ts import { useEffect, useState } from 'react'; @@ -635,8 +699,8 @@ export const Todos = () => { }); if (!res.ok){if (res.status === 401) { -// Redirect user back to the sign in page -window.location.href = '/'; + // Redirect user back to the sign in page + window.location.href = '/'; } else { // Handle other errors throw new Error('Error occurred while fetching data');
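Review bot: The added test in the hunk at line 455 exercises only the accepting path, so it would also pass if the authentication check let every request through. The paragraph should add a second request with the `Authorization` header omitted or carrying a different token, and state the rejection status the reader should expect. The fence is tagged `http` although it holds a shell command; `sh` would describe it correctly. In the later hunk at line 666, the added sentence spells the function as `onNewTAsk`, which should read `onNewTask`.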