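<?php
// phpcs:ignoreFile
/**
 * POST /api/auth/logout
 *
 * Revoke the current refresh token and, on request, every token of the caller.
 *
 * JSON body (all fields optional):
 *   - refresh_token: string  refresh JWT to revoke; it is looked up by its "jti" claim.
 *   - revoke_all:    bool    must be the JSON literal true; revokes all tokens of the
 *                            user named by the "sub" claim of the Bearer access token.
 *
 * The endpoint always answers with the same success message, whether or not
 * anything was revoked, so the response does not reveal whether a submitted
 * token was valid.
 *
 * NOTE(review): both revocation paths trust whatever jwt_decode_token() returns.
 * Confirm that it verifies the signature (and expiry) before returning a payload;
 * otherwise a forged "jti" or "sub" could revoke another user's sessions.
 * NOTE(review): nothing here checks the token type, so confirm that a refresh
 * token presented as the Bearer credential cannot authorise revoke_all.
 */

declare(strict_types=1);

$body = api_get_json_body();

// Only a non-empty string can be a refresh token. JSON may deliver an array,
// number or boolean here; casting those to string (as a blind cast would) only
// produces junk input and an "Array to string conversion" warning, so they are
// ignored instead. Trimming happens before the emptiness check so that a
// whitespace-only value is not sent to the decoder either.
$refreshToken = is_string($body['refresh_token'] ?? null) ? trim($body['refresh_token']) : '';

if ($refreshToken !== '') {
    $payload = jwt_decode_token($refreshToken);

    // A token that does not decode, or that carries no "jti", is skipped silently.
    if ($payload !== null && isset($payload['jti'])) {
        jwt_revoke_refresh_token($payload['jti']);
    }
}

// Optionally, if an access token is presented and decodes, revoke all user tokens.
$accessToken = jwt_get_bearer_token();

if ($accessToken !== null) {
    $payload = jwt_decode_token($accessToken);

    // Strict comparison on purpose: only the JSON boolean true triggers the
    // account-wide revocation, never "true", 1 or another truthy value.
    $revokeAll = ($body['revoke_all'] ?? null) === true;

    if ($payload !== null && isset($payload['sub']) && $revokeAll) {
        jwt_revoke_all_user_tokens($payload['sub']);
    }
}

// NOTE(review): when revoke_all was requested but the access token was missing
// or did not decode, the caller still receives this success message although
// no account-wide revocation took place — consider logging that case.
api_success(['message' => 'Logged out successfully']);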