ЕСОЗ - public documentation

Logout

Purpose

This WS is designed to terminate a user's authenticated session based on a valid access token.

Key points

  1. Only an authenticated user with a valid access token can perform the logout process.

  2. The logout process terminates the current access token for the user and client, as well as the refresh token.

Specification

Apiary

Validations

Authorization

  • Verify the validity of the access token

    • in case of error - return 401 (“Invalid access token”)

  • Verify that the token is not expired

    • in case of error - return 401 (“Invalid access token”)

Service logic

  1. Expire the access token from the Authorization header based on its token type:

    1. if opaque - update values in the mithril database, tokens table, set:

      1. expired_at = now()

      2. updated_at = now()

    2. if JWT - create a key in the redis cache named blacklist_jti_<<token_id>>, where token_id is the jti value from the token, with TTL = the time between now() and the exp of the token;

  2. Get the refresh_token value from the access token and expire it: update values in the mithril database, tokens table, set:

    1. expired_at = now()

    2. updated_at = now()
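The two-branch logic above (opaque token expired in the tokens table, JWT blacklisted by jti in redis with a TTL equal to its remaining lifetime, then the linked refresh token expired), written out as an added Python example; this is not mithril's own code. It assumes an in-memory dict standing in for the tokens table (keyed by opaque token value or, for JWTs, by jti, with a `refresh_token` column), a dict standing in for redis (key -> TTL seconds, as SETEX would store it), and that signature verification has already happened in the Authorization step.

```python
import base64
import json


class Unauthorized(Exception):
    """Maps to HTTP 401 ("Invalid access token")."""


def jwt_claims(token: str):
    """Decode the JWT payload without verifying it (assumption: the signature
    was checked in the Authorization step). Returns None for anything that is
    not a three-part JWT, i.e. for an opaque token."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    payload = parts[1] + "=" * (-len(parts[1]) % 4)
    try:
        return json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, json.JSONDecodeError):
        return None


def expire_row(tokens: dict, key: str, now: int) -> None:
    """UPDATE tokens SET expired_at = now(), updated_at = now() WHERE ..."""
    tokens[key]["expired_at"] = now
    tokens[key]["updated_at"] = now


def logout(access_token: str, tokens: dict, redis: dict, now: int) -> dict:
    claims = jwt_claims(access_token)
    if claims is not None:
        jti, exp = claims.get("jti"), claims.get("exp")
        if jti is None or exp is None or exp <= now:   # expired -> 401
            raise Unauthorized("Invalid access token")
        redis[f"blacklist_jti_{jti}"] = exp - now       # TTL = time left until exp
        row_key = jti                                   # assumed row key for a JWT
    else:
        row = tokens.get(access_token)
        if row is None or row["expired_at"] <= now:     # unknown/expired -> 401
            raise Unauthorized("Invalid access token")
        expire_row(tokens, access_token, now)
        row_key = access_token
    # Step 2: the refresh token linked to this access token is expired as well.
    refresh = tokens[row_key]["refresh_token"]
    expire_row(tokens, refresh, now)
    return {"type": "jwt" if claims else "opaque", "refresh_expired": refresh}


def _b64(obj) -> str:
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample JWT (unsigned, for illustration only): jti "jti-1", exp 1600.
SAMPLE_JWT = ".".join([_b64({"alg": "none"}), _b64({"jti": "jti-1", "exp": 1600}), "sig"])
```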
