Fix #663

Properly revoke token when actively logging out
2025-03-09 16:10:05 +01:00 · 2023-01-16 22:22:19 +01:00 · 2023-01-16 22:22:19 +01:00 · adb7a765b4
commit adb7a765b4
parent 196f51bfca
2 changed files with 32 additions and 6 deletions
--- a/src/screens/Tabs/Me/Root/Logout.tsx
+++ b/src/screens/Tabs/Me/Root/Logout.tsx
@ -32,7 +32,7 @@ const Logout: React.FC = () => {
              onPress: () => {
                if (accountActive) {
                  haptics('Light')
-                  removeAccount(accountActive)
+                  removeAccount(accountActive, false)
                }
              }
            },
--- a/src/utils/storage/actions.ts
+++ b/src/utils/storage/actions.ts
@ -264,14 +264,40 @@ export const setAccount = async (account: string) => {
    })
 }

-export const removeAccount = async (account: string) => {
-  displayMessage({
-    message: i18n.t('screens:localCorrupt.message'),
-    type: 'danger'
-  })
+export const removeAccount = async (account: string, warning: boolean = true) => {
+  const temp = new MMKV({ id: account })
+
+  if (warning) {
+    const acct = temp.getString('auth.account.acct')
+    const domain = temp.getString('auth.account.domain')
+    displayMessage({
+      message: i18n.t('screens:localCorrupt.message'),
+      ...(acct && domain && { description: `@${acct}@${domain}` }),
+      type: 'danger'
+    })
+  }
  // @ts-ignore
  navigationRef.navigate('Screen-Tabs', { screen: 'Tab-Me' })

+  const revokeDetails = {
+    domain: temp.getString('auth.domain'),
+    client_id: temp.getString('auth.clientId'),
+    client_secret: temp.getString('auth.clientSecret'),
+    token: temp.getString('auth.token')
+  }
+  if (
+    revokeDetails.domain &&
+    revokeDetails.client_id &&
+    revokeDetails.client_secret &&
+    revokeDetails.token
+  ) {
+    const body = new FormData()
+    body.append('client_id', revokeDetails.client_id)
+    body.append('client_secret', revokeDetails.client_secret)
+    body.append('token', revokeDetails.token)
+    apiGeneral({ method: 'post', domain: revokeDetails.domain, url: '/oauth/revoke', body })
+  }
+
  const currAccounts: NonNullable<StorageGlobal['accounts']> =
    getGlobalStorage.object('accounts') || []
  const nextAccounts: NonNullable<StorageGlobal['accounts']> = currAccounts.filter(