From b94392aaf22bb7e093b09b02e899f328171d682f Mon Sep 17 00:00:00 2001
From: JustAnyone
Date: Mon, 6 Oct 2025 22:09:29 +0300
Subject: [PATCH] Add token revocation endpoint
---
 README.md | 2 +-
 .../Controllers/AuthController.cs | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 0486043..376cb06 100644
--- a/README.md
+++ b/README.md
@@ -26,7 +26,7 @@ Sistema bus kuriama naudojant modernias technologijas, o diegimas bus supaprasti
 **Registruoti naudotojai**
 1. Gali prisijungti prie sistemos.
-2. ~~Gali atsijungti nuo sistemos.~~
+2. Gali atsijungti nuo sistemos.
 3. Gali įkelti naujus paveikslus.
 4. Gali redaguoti savo įkeltų paveikslų metaduomenis (žymas, aprašą).
 5. Gali ištrinti savo įkeltus paveikslus.
diff --git a/T120B165-ImgBoard/Controllers/AuthController.cs b/T120B165-ImgBoard/Controllers/AuthController.cs
index 3200b2b..e0c351b 100644
--- a/T120B165-ImgBoard/Controllers/AuthController.cs
+++ b/T120B165-ImgBoard/Controllers/AuthController.cs
@@ -79,4 +79,22 @@ public class AuthController(UserManager userManager, ITokenService tokenSe
 var newRefreshToken = await tokenService.GenerateRefreshToken(user);
 return Ok(new TokenDto(AccessToken: accessToken, RefreshToken: newRefreshToken));
 }
+
+ ///
+ /// Revokes the refresh token.
+ ///
+ /// Data with refresh token
+ /// If token was revoked successfully
+ /// If refresh token is missing or is expired
+ [HttpPost("revoke")]
+ [ProducesResponseType(StatusCodes.Status204NoContent)]
+ [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+ public async Task> Revoke(RefreshDto dto)
+ {
+ var token = await tokenService.GetRefreshTokenByValue(dto.RefreshToken);
+ if (token == null) return Unauthorized();
+
+ await tokenService.InvalidateRefreshToken(token);
+ return NoContent();
+ }
 }
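Review bot: In the AuthController.cs hunk, `Revoke` answers 401 when `GetRefreshTokenByValue` returns null and 204 otherwise, so an unauthenticated caller can tell whether a given token value is currently stored. The caller's goal (the token is unusable) is already met for an unknown value, so consider returning `NoContent()` in both cases, as RFC 7009 §2.2 does for revocation endpoints. The doc comment also promises 401 for an expired token, but the visible code only checks for null; either that filtering lives inside `GetRefreshTokenByValue` (not shown here) or the comment should be narrowed. I would also add to the summary `/// Only the refresh token is invalidated; access tokens already issued stay valid until they expire.`, assuming the access tokens are self-contained, which this hunk does not show. The class body starts outside the hunk.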