Add revoke token

2019-02-11 00:49:56 +03:00 · 2019-02-11 00:49:56 +03:00 · 62a45bdc11
parent 61a4bc5095
commit 62a45bdc11
4 changed files with 37 additions and 4 deletions
--- a/lib/pleroma/web/oauth/token.ex
+++ b/lib/pleroma/web/oauth/token.ex
@ -53,9 +53,18 @@ defmodule Pleroma.Web.OAuth.Token do
    |> Repo.delete_all()
  end

-  def get_user_tokens(%User{id: user_id}) do
+  def delete_user_token(%User{id: user_id}, token_id) do
    from(
      t in Pleroma.Web.OAuth.Token,
+      where: t.user_id == ^user_id,
+      where: t.id == ^token_id
+    )
+    |> Repo.delete_all()
+  end
+
+  def get_user_tokens(%User{id: user_id}) do
+    from(
+      t in Token,
      where: t.user_id == ^user_id
    )
    |> Repo.all()
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -391,6 +391,7 @@ defmodule Pleroma.Web.Router do
    get("/externalprofile/show", TwitterAPI.Controller, :external_profile)

    get("/oauth_tokens", TwitterAPI.Controller, :oauth_tokens)
+    delete("/oauth_tokens/:id", TwitterAPI.Controller, :revoke_token)
  end

  pipeline :ap_relay do
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@ -554,6 +554,12 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
    end
  end

+  def revoke_token(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
+    Token.delete_user_token(user, id)
+
+    json_reply(conn, 201, "")
+  end
+
  def blocks(%{assigns: %{user: user}} = conn, _params) do
    with blocked_users <- User.blocked_users(user) do
      conn
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@ -8,6 +8,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
  alias Pleroma.Builders.{ActivityBuilder, UserBuilder}
  alias Pleroma.{Repo, Activity, User, Object, Notification}
  alias Pleroma.Web.ActivityPub.ActivityPub
+  alias Pleroma.Web.OAuth.Token
  alias Pleroma.Web.TwitterAPI.UserView
  alias Pleroma.Web.TwitterAPI.NotificationView
  alias Pleroma.Web.CommonAPI
@ -1878,12 +1879,16 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
  end

  describe "GET /api/oauth_tokens" do
-    test "renders list" do
-      token = insert(:oauth_token)
+    setup do
+      token = insert(:oauth_token) |> Repo.preload(:user)

+      %{token: token}
+    end
+
+    test "renders list", %{token: token} do
      response =
        build_conn()
-        |> assign(:user, Repo.get(User, token.user_id))
+        |> assign(:user, token.user)
        |> get("/api/oauth_tokens")

      keys =
@ -1893,5 +1898,17 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do

      assert keys -- ["id", "refresh_token", "token", "valid_until"] == []
    end
+
+    test "revoke token", %{token: token} do
+      response =
+        build_conn()
+        |> assign(:user, token.user)
+        |> delete("/api/oauth_tokens/#{token.id}")
+
+      tokens = Token.get_user_tokens(token.user)
+
+      assert tokens == []
+      assert response.status == 201
+    end
  end
 end