fix: clear refresh-token on signout

re #985

Signed-off-by: Pranav C <pranavxc@gmail.com>

packages/nc-gui/store/users.js

@@ -275,27 +275,23 @@ export const actions = {
     return err
   },
 
-  async ActSignOut({ commit }) {
+  async ActSignOut({ commit, state }) {
     // console.log('in action signout');
 
     let err = null
 
     try {
-      // let err = await this.$axios.get('/auth/signout');
       // console.log(err);
+
+      await this.$axios.post('/auth/signout', null, {
+        headers: {
+          'xc-auth': state.token
+        }
+      })
       commit('MutSetUser', null)
       commit('MutSetToken', null)
       commit('MutMasterKey', null)
       commit('MutAuthType', null)
-      // commit('MutSetProjectToNull', null)
-      // commit('MutSetPaidUser', false);
-      //
-      // commit('MutUiAbility', {
-      //   rules: {
-      //     darkTheme: false,
-      //     maxTables: 5,
-      //   }
-      // })
     } catch (e) {
       err = e
       console.log(e)

packages/nocodb/src/lib/noco/rest/RestAuthCtrl.ts

@@ -287,6 +287,7 @@ export default class RestAuthCtrl {
     });
 
     this.app.router.get(`/user/me`, this.me);
+    this.app.router.post(`/auth/signout`, this.signout);
 
     /* Admin APIs */
     this.app.router.use('/admin', this.isAdmin);
@@ -994,6 +995,28 @@ export default class RestAuthCtrl {
     }
   }
 
+  protected async signout(req, res, next): Promise<any> {
+    try {
+      res.clearCookie('refresh_token');
+      const email = req?.session?.passport?.user?.email?.toLowerCase();
+
+      if (email) {
+        await this.users
+          .update({
+            refresh_token: null
+          })
+          .where({
+            email
+          });
+      }
+
+      res.json({ msg: 'Success' });
+    } catch (e) {
+      console.log(e);
+      next(e);
+    }
+  }
+
   protected async passwordForgot(req, res, next): Promise<any> {
     const _email = req.body.email;
     if (!_email) {