Revoke access token when logging out

src/api/users.ts

@@ -158,6 +158,21 @@ export async function getAccessToken(
   }
 }
 
+export async function revokeAccessToken(
+  authToken: string,
+): Promise<void> {
+  const url = `${BACKEND_URL}/oauth/revoke`
+  const response = await http(url, {
+    method: "POST",
+    authToken,
+    json: { token: authToken },
+  })
+  if (response.status !== 200) {
+    const data = await response.json()
+    throw new Error(data.message)
+  }
+}
+
 export async function getCurrentUser(authToken: string): Promise<User | null> {
   const url = `${BACKEND_URL}/api/v1/accounts/verify_credentials`
   const response = await http(url, { authToken })

src/components/Sidebar.vue

@@ -39,6 +39,7 @@ import { onMounted } from "vue"
 import { $, $computed } from "vue/macros"
 import { useRouter } from "vue-router"
 
+import { revokeAccessToken } from "@/api/users"
 import { useNotifications } from "@/store/notifications"
 import { useCurrentUser } from "@/store/user"
 import { useInstanceInfo } from "@/store/instance"
@@ -68,7 +69,8 @@ function isSubscriptionsFeatureEnabled(): boolean {
   return Boolean(blockchain?.features.subscriptions)
 }
 
-function logout() {
+async function logout() {
+  await revokeAccessToken(ensureAuthToken())
   setCurrentUser(null)
   setAuthToken(null)
   router.push({ name: "landing-page" })