diff --git a/db/1.sqlite-shm b/db/1.sqlite-shm index fe9ac28..dd83caa 100644 Binary files a/db/1.sqlite-shm and b/db/1.sqlite-shm differ diff --git a/db/1.sqlite-wal b/db/1.sqlite-wal index e69de29..b997f51 100644 Binary files a/db/1.sqlite-wal and b/db/1.sqlite-wal differ diff --git a/db/auth_copy_2.sqlite-shm b/db/auth_copy_2.sqlite-shm index 8257510..78e3e8c 100644 Binary files a/db/auth_copy_2.sqlite-shm and b/db/auth_copy_2.sqlite-shm differ diff --git a/db/auth_copy_2.sqlite-wal b/db/auth_copy_2.sqlite-wal index 4ad6bd0..7056cfc 100644 Binary files a/db/auth_copy_2.sqlite-wal and b/db/auth_copy_2.sqlite-wal differ diff --git a/src/utils/auth.rs b/src/utils/auth.rs index b2240a0..fa429b1 100644 --- a/src/utils/auth.rs +++ b/src/utils/auth.rs @@ -531,11 +531,8 @@ pub async fn create_refresh_token( /*.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "Error mapping hotel_ids".to_string())); */ - - - -//FIXME: might not need the hotel list on tconflict ? + //FIXME: might not need the hotel list on tconflict ? conn.execute( r#" INSERT INTO refresh_token ( @@ -702,6 +699,7 @@ pub async fn login_refresh_token ( } +#[axum::debug_handler] pub async fn logout_from_single_device ( State(state): State, Extension(keys): Extension, 
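Review bot: The SQLite `-wal` and `-shm` files under db/ are committed as binary diffs, and `auth_copy_2.sqlite-wal` — judging by its name and the `refresh_token` table the code below writes — presumably carries live auth rows; the WAL is the un-checkpointed write log of the database, so token hashes and user data can land in history, while the shm file is a runtime lock map that changes on every open and never merges. Both should be untracked: add `db/*.sqlite-wal` and `db/*.sqlite-shm` to `.gitignore`, remove them with `git rm --cached`, and if the database file itself is tracked, treat any credential material already in history as exposed.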
@@ -721,39 +719,61 @@ pub async fn logout_from_single_device ( }; let device_row = match conn.query_row( - "SELECT user_id, token_hash, hotel_id, id FROM refresh_token WHERE device_id = ?1 AND user_agent = ?2 AND revoke = 0 ", + "SELECT user_id, token_hash, hotel_id_list, id FROM refresh_token WHERE device_id = ?1 AND user_agent = ?2 AND revoked = 0 ", params![&device_id_str, &user_agent_str], |row| { let user_id: i32 = row.get(0)?; let token_hash: String = row.get(1)?; - let hotel_id: i32 = row.get(2)?; + let json_hotel_id_list: String = row.get(2)?; let id:i32 = row.get(3)?; //let displayname: String = row.get(3)?; - Ok((user_id, token_hash, hotel_id,id)) + Ok((user_id, token_hash, json_hotel_id_list ,id)) }, ).optional() { Ok(opt) => opt, - Err(_) => return (StatusCode::INTERNAL_SERVER_ERROR, "DB query error").into_response(), + Err(e) => return (StatusCode::INTERNAL_SERVER_ERROR, format!("DB query error : {}", e )).into_response(), }; - let (user_id, token_hash, hotel_id, token_id) = match device_row { + + + let (user_id, token_hash, json_hotel_id_list, token_id) = match device_row { Some(tuple) => tuple, None => return (StatusCode::UNAUTHORIZED, "No matching device").into_response(), }; + let hotel_ids: Vec = match serde_json::from_str(&json_hotel_id_list) { + Ok(ids) => ids, + Err(_) => return (StatusCode::INTERNAL_SERVER_ERROR, "Hotel ids are not deserializable to Vec").into_response(), + + }; + //FIXME: need to chang the way we get refresh token from the cookies instead /* if !verify_password(&payload.refresh_token, &token_hash) { return (StatusCode::UNAUTHORIZED, "Invalid or mismatched token").into_response(); } */ + +/* let revoked: Result = conn.query_row( "UPDATE refresh_token SET revoked = 1 WHERE id = ?1 RETURNING device_id", params![&token_id], |row| row.get(0), ); - return (StatusCode::OK, format!("Token deleted for device id {}", &device_id_str)).into_response() +*/ + + let cookie_value = format!("refresh_token={}; HttpOnly; Secure; 
Max-Age=0;Path=/", "loggedout"); + + let mut response = (StatusCode::CREATED, format!("Token deleted for device id {}", &device_id_str)) + .into_response(); + + response.headers_mut().insert( + SET_COOKIE, + HeaderValue::from_str(&cookie_value).unwrap(), + ); + + response }
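Review bot: The new body no longer revokes anything — the `UPDATE refresh_token SET revoked = 1` is commented out, so the handler just clears the client cookie and still reports `Token deleted for device id …`, leaving a stolen refresh token usable until it expires. The `hotel_ids` deserialization added above it is never used, and both the `StatusCode::CREATED` reply for a logout and the `format!("DB query error : {}", e)` body, which echoes the driver's error text to the client, look unintended. Restore the revocation as an executed statement whose result is checked, keep the token-hash comparison on the cookie value as a precondition (the FIXME still stands, so anyone who knows a device_id and user_agent could otherwise revoke someone else's session), log the DB error server-side and return a generic message, and answer with 200 OK. Note that a `Max-Age=0` cookie only removes the original if Path/Domain/SameSite match the attributes used when it was set at login, which is outside this hunk. logout_from_single_device's signature and the start of its body are also outside the hunk.
```rust
// … unchanged: device lookup by device_id/user_agent, hotel_ids deserialization …

// TODO: compare the refresh token read from the request cookie against `token_hash`
// and return UNAUTHORIZED on mismatch before revoking anything.
if let Err(e) = conn.execute(
    "UPDATE refresh_token SET revoked = 1 WHERE id = ?1",
    params![&token_id],
) {
    // log `e` server-side; do not echo driver error text to the client
    return (StatusCode::INTERNAL_SERVER_ERROR, "DB update error").into_response();
}

let mut response = (StatusCode::OK, format!("Token deleted for device id {}", &device_id_str))
    .into_response();
// … unchanged: Set-Cookie header clearing refresh_token …
```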