added token revoke to logout

2023-09-19 18:58:08 +02:00 · 2023-09-19 18:58:08 +02:00 · 50d1803a18
commit 50d1803a18
parent 34f9929b16
4 changed files with 43 additions and 9 deletions
--- a/filcnaplo/lib/models/user.dart
+++ b/filcnaplo/lib/models/user.dart
@ -93,4 +93,13 @@ class User {
      "refresh_user_data": "false",
    };
  }
  static Map<String, Object?> logoutBody({
    required String refreshToken,
  }) {
    return {
      "refresh_token": refreshToken,
      "client_id": KretaAPI.clientId,
    };
  }
 }
--- a/filcnaplo_desktop_ui/lib/screens/navigation/sidebar.dart
+++ b/filcnaplo_desktop_ui/lib/screens/navigation/sidebar.dart
@ -176,13 +176,16 @@ class _SidebarState extends State<Sidebar> {
          String? userId = user.id;
          if (userId == null) return;
-          // Delete User
+          // revoke refresh token
          await Provider.of<KretaClient>(context, listen: false).logout();
          // delete user from app
          user.removeUser(userId);
          await Provider.of<DatabaseProvider>(context, listen: false)
              .store
              .removeUser(userId);
-          // If no other Users left, go back to LoginScreen
+          // if no other users left, go back to login screen
          if (user.getUsers().isNotEmpty) {
            user.setUser(user.getUsers().first.id);
            restore().then((_) => user.setUser(user.getUsers().first.id));
--- a/filcnaplo_kreta_api/lib/client/api.dart
+++ b/filcnaplo_kreta_api/lib/client/api.dart
@ -3,6 +3,7 @@ import 'package:intl/intl.dart';
 class KretaAPI {
  // IDP API
  static const login = BaseKreta.kretaIdp + KretaApiEndpoints.token;
  static const logout = BaseKreta.kretaIdp + KretaApiEndpoints.revoke;
  static const nonce = BaseKreta.kretaIdp + KretaApiEndpoints.nonce;
  static const clientId = "kreta-ellenorzo-mobile-android";
@ -86,6 +87,7 @@ class BaseKreta {
 class KretaApiEndpoints {
  static const token = "/connect/token";
  static const revoke = "/connect/revocation";
  static const nonce = "/nonce";
  static const notes = "/ellenorzo/V3/Sajat/Feljegyzesek";
  static const events = "/ellenorzo/V3/Sajat/FaliujsagElemek";
--- a/filcnaplo_kreta_api/lib/client/client.dart
+++ b/filcnaplo_kreta_api/lib/client/client.dart
@ -187,13 +187,15 @@ class KretaClient {
      print("DEBUG: refreshLogin: ${loginUser.id} ${loginUser.name}");
    }
-    Map? loginRes = await postAPI(KretaAPI.login,
+    Map? loginRes = await postAPI(
      KretaAPI.login,
      headers: headers,
      body: User.loginBody(
        username: loginUser.username,
        password: loginUser.password,
        instituteCode: loginUser.instituteCode,
-        ));
+      ),
    );
    if (loginRes != null) {
      if (loginRes.containsKey("access_token")) {
@ -223,4 +225,22 @@ class KretaClient {
    _loginRefreshing = false;
  }
  Future<void> logout() async {
    User? loginUser = _user.user;
    if (loginUser == null) return;
    Map<String, String> headers = {
      "content-type": "application/x-www-form-urlencoded",
    };
    await postAPI(
      KretaAPI.logout,
      headers: headers,
      body: User.logoutBody(
        refreshToken: refreshToken!,
      ),
      json: false,
    );
  }
 }