From b14911d3147515beded27c440a11692529792c2f Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt
Date: Thu, 9 Mar 2023 11:05:03 +0100
Subject: [PATCH] logout event
---
 backend/src/event/EVENT_LOGOUT.ts | 6 ++++++
 backend/src/event/Event.ts | 1 +
 backend/src/event/EventType.ts | 1 +
 backend/src/graphql/resolver/UserResolver.ts | 13 ++++---------
 4 files changed, 12 insertions(+), 9 deletions(-)
 create mode 100644 backend/src/event/EVENT_LOGOUT.ts
diff --git a/backend/src/event/EVENT_LOGOUT.ts b/backend/src/event/EVENT_LOGOUT.ts
new file mode 100644
index 000000000..1e423359c
--- /dev/null
+++ b/backend/src/event/EVENT_LOGOUT.ts
@@ -0,0 +1,6 @@
+import { User as DbUser } from '@entity/User'
+import { Event as DbEvent } from '@entity/Event'
+import { Event, EventType } from './Event'
+
+export const EVENT_LOGOUT = async (user: DbUser): Promise =>
+ Event(EventType.LOGOUT, user, user).save()
diff --git a/backend/src/event/Event.ts b/backend/src/event/Event.ts
index cdb05748c..19fbc81cd 100644
--- a/backend/src/event/Event.ts
+++ b/backend/src/event/Event.ts
@@ -53,6 +53,7 @@ export { EVENT_CONTRIBUTION_UPDATE } from './EVENT_CONTRIBUTION_UPDATE'
 export { EVENT_CONTRIBUTION_MESSAGE_CREATE } from './EVENT_CONTRIBUTION_MESSAGE_CREATE'
 export { EVENT_CONTRIBUTION_LINK_REDEEM } from './EVENT_CONTRIBUTION_LINK_REDEEM'
 export { EVENT_LOGIN } from './EVENT_LOGIN'
+export { EVENT_LOGOUT } from './EVENT_LOGOUT'
 export { EVENT_REGISTER } from './EVENT_REGISTER'
 export { EVENT_SEND_ACCOUNT_MULTIREGISTRATION_EMAIL } from './EVENT_SEND_ACCOUNT_MULTIREGISTRATION_EMAIL'
 export { EVENT_SEND_CONFIRMATION_EMAIL } from './EVENT_SEND_CONFIRMATION_EMAIL'
diff --git a/backend/src/event/EventType.ts b/backend/src/event/EventType.ts
index 47056f05e..df4a5cc75 100644
--- a/backend/src/event/EventType.ts
+++ b/backend/src/event/EventType.ts
@@ -17,6 +17,7 @@ export enum EventType {
 CONTRIBUTION_MESSAGE_CREATE = 'CONTRIBUTION_MESSAGE_CREATE',
 CONTRIBUTION_LINK_REDEEM = 'CONTRIBUTION_LINK_REDEEM',
 LOGIN = 'LOGIN',
+ LOGOUT = 'LOGOUT',
 REGISTER = 'REGISTER',
 REDEEM_REGISTER = 'REDEEM_REGISTER',
 SEND_ACCOUNT_MULTIREGISTRATION_EMAIL = 'SEND_ACCOUNT_MULTIREGISTRATION_EMAIL',
diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts
index 2cd40938f..639f59c09 100644
--- a/backend/src/graphql/resolver/UserResolver.ts
+++ b/backend/src/graphql/resolver/UserResolver.ts
@@ -57,6 +57,7 @@ import {
 EVENT_REGISTER,
 EVENT_ACTIVATE_ACCOUNT,
 EVENT_ADMIN_SEND_CONFIRMATION_EMAIL,
+ EVENT_LOGOUT,
 } from '@/event/Event'
 import { getUserCreations } from './util/creations'
 import { isValidPassword } from '@/password/EncryptorUtils'
@@ -185,15 +186,9 @@ export class UserResolver {
 @Authorized([RIGHTS.LOGOUT])
 @Mutation(() => String)
- async logout(): Promise {
- // TODO: Event still missing here!!
- // TODO: We dont need this anymore, but might need this in the future in oder to invalidate a valid JWT-Token.
- // Furthermore this hook can be useful for tracking user behaviour (did he logout or not? Warn him if he didn't on next login)
- // The functionality is fully client side - the client just needs to delete his token with the current implementation.
- // we could try to force this by sending `token: null` or `token: ''` with this call. But since it bares no real security
- // we should just return true for now.
- logger.info('Logout...')
- // remove user.pubKey from logger-context to ensure a correct filter on log-messages belonging to the same user
+ async logout(@Ctx() context: Context): Promise {
+ await EVENT_LOGOUT(getUser(context))
+ // remove user from logger context
 logger.addContext('user', 'unknown')
 return true
 }
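Review bot: In `logout` (last hunk of UserResolver.ts), a rejected `EVENT_LOGOUT(...)` now makes the mutation throw before `logger.addContext('user', 'unknown')` runs, so a failed event write both fails the logout call and leaves the logger context holding whatever user value was set earlier. Wrapping the call keeps the reset unconditional: `try { await EVENT_LOGOUT(getUser(context)) } finally { logger.addContext('user', 'unknown') }`. The removed comment was the only place stating that logout is purely client-side and the JWT is not invalidated; now that a LOGOUT event is stored, I would keep a short note such as `// NOTE: records the event only; the JWT is not invalidated server-side` so the event is not read as proof that the session ended. `Ctx`, `Context` and `getUser` are not imported in the visible hunks, so presumably they are already in scope elsewhere in the file.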