Refactor the logout routes

Dlurak · Apr 8, 2024 · c7e89e3 · c7e89e3
1 parent 53bf6cd
commit c7e89e3
Show file tree

Hide file tree

Showing 3 changed files with 81 additions and 71 deletions.
diff --git a/src/routes/auth/logout.ts b/src/routes/auth/logout.ts
@@ -0,0 +1,77 @@
+import e from "@edgedb";
+import { DATABASE_DELETE_FAILED, UNAUTHORIZED } from "constants/responses";
+import { Elysia } from "elysia";
+import { HttpStatusCode } from "elysia-http-status-code";
+import { client } from "index";
+import { auth } from "plugins/auth";
+import { promiseResult } from "utils/errors";
+import { responseBuilder } from "utils/response";
+
+export const logoutRouter = new Elysia()
+	.use(HttpStatusCode())
+	.use(auth)
+	.delete("/all", async ({ auth, set, httpStatus }) => {
+		if (!auth.isAuthorized) {
+			set.status = httpStatus.HTTP_401_UNAUTHORIZED;
+			return UNAUTHORIZED;
+		}
+		if (auth.createdBy !== "login") {
+			set.status = httpStatus.HTTP_403_FORBIDDEN;
+			return responseBuilder("error", {
+				error:
+					"Access token must be generated using log in and not a refresh token",
+			});
+		}
+
+		const delQuery = e.count(
+			e.delete(e.RefreshToken, (t) => ({
+				filter: e.op(t["<tokens[is User]"].username, "=", auth.username),
+			})),
+		);
+
+		const result = await promiseResult(() => delQuery.run(client));
+
+		if (result.isError) {
+			set.status = httpStatus.HTTP_500_INTERNAL_SERVER_ERROR;
+			return DATABASE_DELETE_FAILED;
+		}
+
+		return responseBuilder("success", {
+			message: "Logged out from all sessions",
+			data: {
+				sessionCount: result.data,
+			},
+		});
+	})
+	.delete("/:refreshToken", async ({ params, auth, set, httpStatus }) => {
+		if (!auth.isAuthorized) {
+			set.status = httpStatus.HTTP_401_UNAUTHORIZED;
+			return UNAUTHORIZED;
+		}
+
+		const delQuery = e.delete(e.RefreshToken, (t) => ({
+			filter_single: e.op(
+				e.op(t["<tokens[is User]"].username, "=", auth.username),
+				"and",
+				e.op(t.token, "=", params.refreshToken),
+			),
+		}));
+		const result = await promiseResult(() => delQuery.run(client));
+
+		if (result.isError) {
+			set.status = httpStatus.HTTP_500_INTERNAL_SERVER_ERROR;
+			return DATABASE_DELETE_FAILED;
+		}
+
+		if (!result.data) {
+			set.status = httpStatus.HTTP_404_NOT_FOUND;
+			return responseBuilder("error", {
+				error: "Could not find that refresh token",
+			});
+		}
+
+		return responseBuilder("success", {
+			message: "Deleted one refresh token successfully",
+			data: null,
+		});
+	});
diff --git a/src/routes/auth/refreshToken.ts b/src/routes/auth/refreshToken.ts
@@ -1,9 +1,5 @@
 import e from "@edgedb";
-import {
-	DATABASE_DELETE_FAILED,
-	DATABASE_WRITE_FAILED,
-	UNAUTHORIZED,
-} from "constants/responses";
+import { DATABASE_WRITE_FAILED } from "constants/responses";
 import { Elysia, t } from "elysia";
 import { HttpStatusCode } from "elysia-http-status-code";
 import { client } from "index";
@@ -14,10 +10,12 @@ import { promiseResult } from "utils/errors";
 import { randomNumber } from "utils/random";
 import { responseBuilder } from "utils/response";
 import { wait } from "utils/time";
+import { logoutRouter } from "./logout";
 
 export const refreshTokenRouter = new Elysia({ prefix: "/refresh-token" })
 	.use(HttpStatusCode())
 	.use(auth)
+	.use(logoutRouter)
 	.post(
 		"/password",
 		async ({ body, set, httpStatus }) => {
@@ -99,68 +97,3 @@ export const refreshTokenRouter = new Elysia({ prefix: "/refresh-token" })
 			detail: { tags: ["Auth"] },
 		},
 	)
-	.delete("/all", async ({ auth, set, httpStatus }) => {
-		if (!auth.isAuthorized) {
-			set.status = httpStatus.HTTP_401_UNAUTHORIZED;
-			return UNAUTHORIZED;
-		}
-		if (auth.createdBy !== "login") {
-			set.status = httpStatus.HTTP_403_FORBIDDEN;
-			return responseBuilder("error", {
-				error:
-					"Access token must be generated using log in and not a refresh token",
-			});
-		}
-
-		const delQuery = e.count(
-			e.delete(e.RefreshToken, (t) => ({
-				filter: e.op(t["<tokens[is User]"].username, "=", auth.username),
-			})),
-		);
-
-		const result = await promiseResult(() => delQuery.run(client));
-
-		if (result.isError) {
-			set.status = httpStatus.HTTP_500_INTERNAL_SERVER_ERROR;
-			return DATABASE_DELETE_FAILED;
-		}
-
-		return responseBuilder("success", {
-			message: "Logged out from all sessions",
-			data: {
-				sessionCount: result.data,
-			},
-		});
-	})
-	.delete("/:refreshToken", async ({ params, auth, set, httpStatus }) => {
-		if (!auth.isAuthorized) {
-			set.status = httpStatus.HTTP_401_UNAUTHORIZED;
-			return UNAUTHORIZED;
-		}
-
-		const delQuery = e.delete(e.RefreshToken, (t) => ({
-			filter_single: e.op(
-				e.op(t["<tokens[is User]"].username, "=", auth.username),
-				"and",
-				e.op(t.token, "=", params.refreshToken),
-			),
-		}));
-		const result = await promiseResult(() => delQuery.run(client));
-
-		if (result.isError) {
-			set.status = httpStatus.HTTP_500_INTERNAL_SERVER_ERROR;
-			return DATABASE_DELETE_FAILED;
-		}
-
-		if (!result.data) {
-			set.status = httpStatus.HTTP_404_NOT_FOUND;
-			return responseBuilder("error", {
-				error: "Could not find that refresh token",
-			});
-		}
-
-		return responseBuilder("success", {
-			message: "Deleted one refresh token successfully",
-			data: null,
-		});
-	});
diff --git a/src/utils/errors.ts b/src/utils/errors.ts
@@ -15,7 +15,7 @@ export const promiseResult = async <T>(callback: () => Promise<T>) => {
 				}) as const,
 		)
 		.catch(
-			(e) =>
+			(e: Error) =>
 				({
 					status: "error",
 					error: e,