/* global defineEventHandler, createError, getCookie, deleteCookie */
import { isAuthorised } from "../middleware/auth";
import { database } from "../utils/database";
import { cookieSettings } from "../utils/rootUtils";
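/**
 * Logout handler: ends the session named by the "token" cookie.
 *
 * Flow:
 *  1. Read the "token" cookie; respond 401 if it is absent.
 *  2. Clear the cookie on the client.
 *  3. Respond 401 if `isAuthorised(token)` reports the session is not valid.
 *  4. Delete the matching row from `sessions` and report success.
 *
 * @returns {Promise<{ message: string }>} `{ message: "Logged out" }` once the
 *   session row has been deleted.
 * @throws 401 error (via `createError`) when there is no cookie or the session
 *   is not authorised.
 */
export default defineEventHandler(async (e) => {
  const token = getCookie(e, "token");
  if (token === undefined) {
    // NOTE(review): this branch puts the text in `data`, while the branch
    // below uses `message`; left unchanged because clients may read either.
    throw createError({
      statusCode: 401,
      data: "You can't log out if you're already logged out (no session cookie)",
    });
  }

  // Clear the cookie before the session check so that a stale or invalid
  // token is removed from the client even when the request is rejected below.
  deleteCookie(e, "token", cookieSettings);
  if (!await isAuthorised(token)) {
    throw createError({
      statusCode: 401,
      message: "You can't log out if you're already logged out (session expired or never existed)",
    });
  }

  // Wait for the server-side revocation to finish before reporting success.
  // Without the await, a failed DELETE would be an unhandled rejection and the
  // client would be told it is logged out while the session row still exists.
  // (Assumes `database.query` returns a promise; awaiting a non-promise is a
  // no-op. TODO confirm against ../utils/database.)
  // The token is passed as a bound parameter, never concatenated into the SQL.
  // NOTE(review): the cookie value is matched directly against `sessions`.`id`,
  // so session identifiers appear to be stored as-is; confirm that is intended.
  await database.query(
    "DELETE FROM `sessions` WHERE `id` = ?",
    [token],
  );
  return { message: "Logged out" };
});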