rubyforgood · xihai01 · Feb 24, 2025 · Feb 24, 2025 · Feb 26, 2025 · Feb 26, 2025
@@ -37,6 +37,19 @@ def is_refresh_token_expired?
     refresh_token_expires_at < Time.current
   end
 
+  # clear tokens
+  # token argument takes in two strings: api_token and refresh_token
+  def revoke_token(token)
+    if (token == "api_token")
+      update_columns(api_token_digest: nil)
+    elsif (token == "refresh_token")
+      update_columns(refresh_token_digest: nil)
+    else
+      return nil
+    end
+    return token
+  end
+
   private
 
   # Generate unique tokens and hashes them for secure db storage

@@ -100,4 +100,24 @@
       expect(api_credential.refresh_token_digest).to eq(Digest::SHA256.hexdigest(refresh_token))
     end
   end
+
+  describe "#revoke_token" do
+    it "sets api token to nil" do
+      api_token = api_credential.return_new_api_token![:api_token]
+      api_credential.revoke_token("api_token")
+
+      expect(api_credential.api_token_digest).to be_nil
+    end
+
+    it "sets refresh token to nil" do
+      refresh_token = api_credential.return_new_refresh_token![:refresh_token]
+      api_credential.revoke_token("refresh_token")
+
+      expect(api_credential.refresh_token_digest).to be_nil
+    end
+
+    it "returns nil if token is not found" do
+      expect(api_credential.revoke_token("invalid_token")).to be_nil
+    end
+  end
 end
@@ -41,4 +41,37 @@
       end
     end
   end
+
+  path "/api/v1/users/sign_out" do
+    delete "Signs out a user" do
+      tags "Sessions"
+      produces "application/json"
+      parameter name: :Authorization, in: :header, type: :string, required: true
+
+      let(:casa_org) { create(:casa_org) }
+      let(:volunteer) { create(:volunteer, casa_org: casa_org) }
+      let(:api_credential) { create(:api_credential, user: volunteer) }
+      let(:refresh_token) { api_credential.return_new_refresh_token![:refresh_token] }
+
+      response "200", "user signed out" do
+        let(:Authorization) { "Bearer #{refresh_token}" }
+        schema "$ref" => "#/components/schemas/sign_out"
+        run_test! do |response|
+          expect(response.content_type).to eq("application/json; charset=utf-8")
+          expect(response.body).to eq({message: "Signed out successfully."}.to_json)
+          expect(response.status).to eq(200)
+        end
+      end
+
+      response "401", "unauthorized" do
+        let(:Authorization) { "Bearer foo" }
+        schema "$ref" => "#/components/schemas/sign_out"
+        run_test! do |response|
+          expect(response.content_type).to eq("application/json; charset=utf-8")
+          expect(response.body).to eq({message: "An error occured when signing out."}.to_json)
+          expect(response.status).to eq(401)
+        end
+      end
+    end
+  end
 end
@@ -42,6 +42,12 @@
             properties: {
               message: {type: :string}
             }
+          },
+          sign_out: {
+            type: :object,
+            properties: {
+              message: {type: :string}
+            }
           }
         }
       },

@@ -19,7 +19,7 @@ components:
             type: string
           email:
             type: string
-          api_token_expires_at:
+          token_expires_at:
             type: datetime
           refresh_token_expires_at:
             type: datetime
@@ -28,6 +28,11 @@ components:
       properties:
         message:
           type: string
+    sign_out:
+      type: object
+      properties:
+        message:
+          type: string
 paths:
   "/api/v1/users/sign_in":
     post:
@@ -61,6 +66,30 @@ paths:
               required:
               - email
               - password
+  "/api/v1/users/sign_out":
+    delete:
+      summary: Signs out a user
+      tags:
+      - Sessions
+      parameters:
+      - name: Authorization
+        in: header
+        required: true
+        schema:
+          type: string
+      responses:
+        '200':
+          description: user signed out
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/sign_out"
+        '401':
+          description: unauthorized
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/sign_out"
 servers:
 - url: https://{defaultHost}
   variables: