Also delete refrsh token if present for device.

TODO.txt

@@ -16,8 +16,8 @@ Milestone: v0.2.0
 [~] User login
     [x] User manipulation functions (so we don't use the DB directly)
     [x] Refresh tokens
-    [~] Logout
+    [x] Logout
-        [ ] Delete refresh token if present
+        [x] Delete refresh token if present
     [ ] Logout all
     [ ] Login fallback (static HTML page)
 [~] User Interactive
@@ -31,14 +31,14 @@ Milestone: v0.2.0
 [ ] Document new User functions
 [ ] Document new JSON functions
 
-[~] Refactor usage of StrDuplicate()
+[x] Refactor usage of StrDuplicate()
     - Functions that keep strings do the duplication,
       NOT their callers; callers free strings when they are
       done with them.
     [x] Remove HashMapGetKey() function
     [x] HashMap
     [x] JsonValueString()
-    [ ] Db
+    [x] Db
 
 Milestone: v0.3.0
 -----------------

src/User.c

@@ -524,19 +524,18 @@ UserAccessTokenFree(UserAccessToken * token)
 int
 UserDeleteToken(User * user, char *token)
 {
-    char *username = NULL;
+    char *username;
-    char *deviceid = NULL;
+    char *deviceId;
+    char *refreshToken;
 
-    Db *db = NULL;
+    Db *db;
+    DbRef *tokenRef;
 
-    DbRef *tokenref = NULL;
+    HashMap *tokenJson;
+    HashMap *userJson;
+    HashMap *deviceObj;
 
-    HashMap *tokenjson = NULL;
+    JsonValue *deletedVal;
-    HashMap *userjson = NULL;
-    HashMap *deviceobject = NULL;
-
-    JsonValue *devicejson = NULL;
-    JsonValue *deletedval = NULL;
 
     if (!user || !token)
     {
@@ -551,40 +550,48 @@ UserDeleteToken(User * user, char *token)
     }
 
     /* If it does, get it's username. */
-    tokenref = DbLock(db, 3, "tokens", "access", token);
+    tokenRef = DbLock(db, 3, "tokens", "access", token);
 
-    if (!tokenref)
+    if (!tokenRef)
     {
         return 0;
     }
-    tokenjson = DbJson(tokenref);
+    tokenJson = DbJson(tokenRef);
-    username = JsonValueAsString(HashMapGet(tokenjson, "user"));
+    username = JsonValueAsString(HashMapGet(tokenJson, "user"));
-    deviceid = JsonValueAsString(HashMapGet(tokenjson, "device"));
+    deviceId = JsonValueAsString(HashMapGet(tokenJson, "device"));
 
     if (strcmp(username, UserGetName(user)) != 0)
     {
         /* Token does not match user, do not delete it */
-        DbUnlock(db, tokenref);
+        DbUnlock(db, tokenRef);
         return 0;
     }
 
-    /* Now delete it from the user */
+    userJson = DbJson(user->ref);
-    userjson = DbJson(user->ref);
+    deviceObj = JsonValueAsObject(HashMapGet(userJson, "devices"));
-    devicejson = HashMapGet(userjson, "devices");
+
-    if (JsonValueType(devicejson) == JSON_OBJECT)
+    if (!deviceObj)
-    {
-        /* Delete our object */
-        deviceobject = JsonValueAsObject(devicejson);
-        deletedval = HashMapDelete(deviceobject, deviceid);
-        if (!deletedval)
     {
         return 0;
     }
-        JsonValueFree(deletedval);
+
+    /* Delete refresh token, if present */
+    refreshToken = JsonValueAsString(JsonGet(deviceObj, 2, deviceId, "refreshToken"));
+    if (refreshToken)
+    {
+        DbDelete(db, 3, "tokens", "refresh", refreshToken);
     }
 
-    /* ... and now the token */
+    /* Delete the device object */
-    if (!DbUnlock(db, tokenref) || !DbDelete(db, 3, "tokens", "access", token))
+    deletedVal = HashMapDelete(deviceObj, deviceId);
+    if (!deletedVal)
+    {
+        return 0;
+    }
+    JsonValueFree(deletedVal);
+
+    /* Delete the access token. */
+    if (!DbUnlock(db, tokenRef) || !DbDelete(db, 3, "tokens", "access", token))
     {
         return 0;
     }