eventlog: add logout

fixes #757
This commit is contained in:
Girish Ramakrishnan
2021-01-06 21:57:23 -08:00
parent af683b5fa4
commit 624e34d02d
5 changed files with 19 additions and 29 deletions

View File

@@ -64,24 +64,11 @@ function login(req, res, next) {
}
function logout(req, res) {
var token;
assert.strictEqual(typeof req.access_token, 'string');
// this determines the priority
if (req.body && req.body.access_token) token = req.body.access_token;
if (req.query && req.query.access_token) token = req.query.access_token;
if (req.headers && req.headers.authorization) {
var parts = req.headers.authorization.split(' ');
if (parts.length == 2) {
var scheme = parts[0];
var credentials = parts[1];
eventlog.add(eventlog.ACTION_USER_LOGOUT, auditSource.fromRequest(req), { userId: req.user.id, user: users.removePrivateFields(req.user) });
if (/^Bearer$/i.test(scheme)) token = credentials;
}
}
if (!token) return res.redirect('/login.html');
tokendb.delByAccessToken(token, function () { res.redirect('/login.html'); });
tokendb.delByAccessToken(req.access_token, function () { res.redirect('/login.html'); });
}
function passwordResetRequest(req, res, next) {