diff --git a/internal/api/controller/user/logout.go b/internal/api/controller/user/logout.go new file mode 100644 index 000000000..cfe24936b --- /dev/null +++ b/internal/api/controller/user/logout.go @@ -0,0 +1,40 @@ +// Copyright 2022 Harness Inc. All rights reserved. +// Use of this source code is governed by the Polyform Free Trial License +// that can be found in the LICENSE.md file for this repository. + +package user + +import ( + "context" + "errors" + + "github.com/harness/gitness/internal/api/usererror" + "github.com/harness/gitness/internal/auth" + "github.com/harness/gitness/types/enum" +) + +// Logout searches for the user's token present in the request and proceeds to delete it, +// returns nil if successful. +func (c *Controller) Logout(ctx context.Context, session *auth.Session) error { + var ( + tokenID int64 + tokenType enum.TokenType + ) + + if session == nil { + return usererror.BadRequest("no authenticated user") + } + switch t := session.Metadata.(type) { + case *auth.TokenMetadata: + tokenID = t.TokenID + tokenType = t.TokenType + default: + return errors.New("session metadata is of unknown type") + } + + if tokenType != enum.TokenTypeSession { + return usererror.BadRequestf("unsupported logout token type %v", tokenType) + } + + return c.tokenStore.Delete(ctx, tokenID) +} diff --git a/internal/api/handler/account/logout.go b/internal/api/handler/account/logout.go new file mode 100644 index 000000000..7840cb145 --- /dev/null +++ b/internal/api/handler/account/logout.go @@ -0,0 +1,30 @@ +// Copyright 2022 Harness Inc. All rights reserved. +// Use of this source code is governed by the Polyform Free Trial License +// that can be found in the LICENSE.md file for this repository. + +package account + +import ( + "net/http" + + "github.com/harness/gitness/internal/api/controller/user" + "github.com/harness/gitness/internal/api/render" + "github.com/harness/gitness/internal/api/request" +) + +// HandleLogout returns a http.HandlerFunc that deletes the +// user token being used in the respective request and logs the user out. +func HandleLogout(userCtrl *user.Controller) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + ctx := r.Context() + session, _ := request.AuthSessionFrom(ctx) + + err := userCtrl.Logout(ctx, session) + if err != nil { + render.TranslatedUserError(w, err) + return + } + + render.DeleteSuccessful(w) + } +} diff --git a/internal/api/openapi/account.go b/internal/api/openapi/account.go index b69b970f6..334237af0 100644 --- a/internal/api/openapi/account.go +++ b/internal/api/openapi/account.go @@ -40,6 +40,16 @@ func buildAccount(reflector *openapi3.Reflector) { _ = reflector.SetJSONResponse(&onLogin, new(usererror.Error), http.StatusNotFound) _ = reflector.Spec.AddOperation(http.MethodPost, "/login", onLogin) + opLogout := openapi3.Operation{} + opLogout.WithTags("account") + opLogout.WithMapOfAnything(map[string]interface{}{"operationId": "opLogout"}) + _ = reflector.SetRequest(&opLogout, nil, http.MethodPost) + _ = reflector.SetJSONResponse(&opLogout, nil, http.StatusOK) + _ = reflector.SetJSONResponse(&opLogout, new(usererror.Error), http.StatusBadRequest) + _ = reflector.SetJSONResponse(&opLogout, new(usererror.Error), http.StatusInternalServerError) + _ = reflector.SetJSONResponse(&opLogout, new(usererror.Error), http.StatusNotFound) + _ = reflector.Spec.AddOperation(http.MethodPost, "/logout", opLogout) + onRegister := openapi3.Operation{} onRegister.WithTags("account") onRegister.WithMapOfAnything(map[string]interface{}{"operationId": "onRegister"}) diff --git a/internal/router/api.go b/internal/router/api.go index 79c7c5dee..dbd557e6a 100644 --- a/internal/router/api.go +++ b/internal/router/api.go @@ -434,4 +434,5 @@ func setupAdmin(r chi.Router, userCtrl *user.Controller) { func setupAccount(r chi.Router, userCtrl *user.Controller) { r.Post("/login", account.HandleLogin(userCtrl)) r.Post("/register", account.HandleRegister(userCtrl)) + r.Post("/logout", account.HandleLogout(userCtrl)) }