Logout
Leandro Santiago Gomes edited this page Jan 30, 2023 · 1 revision
As a user
I want to log out
To prevent other people from using my tokens

After using the system, or when it is necessary to change users, a logout must be requested so that the access and refresh tokens are rendered useless, preventing other people from accessing the system with the user's account.
```mermaid
graph TD
    r400([400 - Bad Request])
    r401([401 - Unauthorized])
    r202([202 - accepted])
    s((start))
        -->|User| s01[Request to logout]
        -->|API| s02[Check if request is valid]
        --> q01{is valid?}
    q01 -->|no| r400
    q01 -->|yes| q01y[Verify "accessToken"]
        --> q02{is valid?}
    q02 -->|no| r401
    q02 -->|yes| q02y[Find "userAuth" to "accessToken"]
        --> q03{is found?}
    q03 -->|no| r401
    q03 -->|yes| q03y[Check if "userAuth" is active]
        --> q04{is active?}
    q04 -->|no| r401
    q04 -->|yes| r202
```
```typescript
interface Request {
  method: 'POST'
  headers: {
    authorization: `Bearer ${string}`
  }
}
```

```typescript
interface Response {
  status: 204
}
```
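
The flowchart above as one handler, written here as an added example and not taken from the project's code. The in-memory maps, the opaque sample tokens and the `logout` function are assumptions; success returns the 204 from the `Response` interface, and the final deactivation step is what makes the access and refresh tokens useless.

```typescript
// Added example. All names and stores here are hypothetical stand-ins.
type Status = 204 | 400 | 401;
interface UserAuth { id: string; active: boolean; refreshToken: string | null }
interface AccessClaims { userAuthId: string; expiresAt: number }
interface LogoutRequest { method: string; headers: { authorization?: string } }

// Constructed sample data: opaque access tokens mapped to their claims.
const accessTokens = new Map<string, AccessClaims>([
  ["tok-alice", { userAuthId: "ua-1", expiresAt: 2000 }],
  ["tok-orphan", { userAuthId: "ua-missing", expiresAt: 2000 }],
  ["tok-old", { userAuthId: "ua-1", expiresAt: 500 }],
]);
// Constructed sample data: one active userAuth record holding a refresh token.
const userAuths = new Map<string, UserAuth>([
  ["ua-1", { id: "ua-1", active: true, refreshToken: "rt-alice" }],
]);

function logout(req: LogoutRequest, now: number): Status {
  // q01: wrong method or malformed Authorization header -> 400
  const m = /^Bearer (\S+)$/.exec(req.headers.authorization ?? "");
  if (req.method !== "POST" || m === null) return 400;

  // q02: unknown or expired access token -> 401
  const claims = accessTokens.get(m[1] ?? "");
  if (claims === undefined || claims.expiresAt <= now) return 401;

  // q03: no userAuth linked to this access token -> 401
  const userAuth = userAuths.get(claims.userAuthId);
  if (userAuth === undefined) return 401;

  // q04: userAuth already deactivated (for example by an earlier logout) -> 401
  if (!userAuth.active) return 401;

  // Deactivate the record and drop the refresh token, so neither token
  // passes q04 or a refresh lookup again.
  userAuth.active = false;
  userAuth.refreshToken = null;
  return 204;
}
```

Because every 401 branch returns before the state change, a replayed access token after logout fails at the "is active?" check rather than reactivating anything.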