From fad485784492c58740a8e50a91f371b843d90e28 Mon Sep 17 00:00:00 2001
From: xihai01
Date: Wed, 26 Feb 2025 16:21:24 -0500
Subject: [PATCH] address changes: separate revoke_tokens
---
 .../api/v1/users/sessions_controller.rb | 4 ++--
 app/models/api_credential.rb | 17 ++++++-----------
 spec/models/api_credential_spec.rb | 12 +++++-------
 3 files changed, 13 insertions(+), 20 deletions(-)
diff --git a/app/controllers/api/v1/users/sessions_controller.rb b/app/controllers/api/v1/users/sessions_controller.rb
index fc948a94ab..1044db0fd3 100644
--- a/app/controllers/api/v1/users/sessions_controller.rb
+++ b/app/controllers/api/v1/users/sessions_controller.rb
@@ -15,8 +15,8 @@ def destroy
 api_credential = ApiCredential.find_by(refresh_token_digest: Digest::SHA256.hexdigest(refresh_token))
 # set api and refresh tokens to nil; otherwise render 401
 if api_credential
- api_credential.revoke_token("api_token")
- api_credential.revoke_token("refresh_token")
+ api_credential.revoke_api_token
+ api_credential.revoke_refresh_token
 render json: {message: "Signed out successfully."}, status: 200
 else
 render json: {message: "An error occured when signing out."}, status: 401
diff --git a/app/models/api_credential.rb b/app/models/api_credential.rb
index a010fe44fe..adcf3b5435 100644
--- a/app/models/api_credential.rb
+++ b/app/models/api_credential.rb
@@ -37,17 +37,12 @@ def is_refresh_token_expired?
 refresh_token_expires_at < Time.current
 end
- # clear tokens
- # token argument takes in two strings: api_token and refresh_token
- def revoke_token(token)
- if (token == "api_token")
- update_columns(api_token_digest: nil)
- elsif (token == "refresh_token")
- update_columns(refresh_token_digest: nil)
- else
- return nil
- end
- return token
+ def revoke_api_token
+ update_columns(api_token_digest: nil)
+ end
+
+ def revoke_refresh_token
+ update_columns(refresh_token_digest: nil)
 end
 private
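Review bot: In `destroy` (sessions_controller.rb) the two revocations are now two independent writes, so a failure between `revoke_api_token` and `revoke_refresh_token` leaves the credential half-revoked, and because the API token is cleared first, the refresh token that this action looked the row up by is the one left valid. Clearing both digests in one statement closes that gap, e.g. `api_credential.update_columns(api_token_digest: nil, refresh_token_digest: nil)`, or the two calls can be wrapped in `ApiCredential.transaction do ... end`. The return values of both calls are ignored, so the 200 is rendered without confirming that either write reached the row. The body of `destroy` starts and ends outside this hunk.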
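Review bot: `revoke_api_token` and `revoke_refresh_token` in api_credential.rb carry no comment, and the removed `# clear tokens` was the only documentation the old method had. What a reader needs stated here is that `update_columns` writes straight to the row and skips validations, callbacks and the `updated_at` touch, so a revocation leaves no timestamp and cannot trigger an audit hook. I would add above each method a line such as `# Revokes the API token by clearing its digest; update_columns skips validations, callbacks and updated_at.` (and the matching line for the refresh token). The enclosing class starts and ends outside the hunk.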
diff --git a/spec/models/api_credential_spec.rb b/spec/models/api_credential_spec.rb
index fe4884d7b4..fbecc6c04b 100644
--- a/spec/models/api_credential_spec.rb
+++ b/spec/models/api_credential_spec.rb
@@ -101,23 +101,21 @@
 end
 end
- describe "#revoke_token" do
+ describe "#revoke_api_token" do
 it "sets api token to nil" do
 api_token = api_credential.return_new_api_token![:api_token]
- api_credential.revoke_token("api_token")
+ api_credential.revoke_api_token
 expect(api_credential.api_token_digest).to be_nil
 end
+ end
+ describe "#revoke_refresh_token" do
 it "sets refresh token to nil" do
 refresh_token = api_credential.return_new_refresh_token![:refresh_token]
- api_credential.revoke_token("refresh_token")
+ api_credential.revoke_refresh_token
 expect(api_credential.refresh_token_digest).to be_nil
 end
-
- it "returns nil if token is not found" do
- expect(api_credential.revoke_token("invalid_token")).to be_nil
- end
 end
 end
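Review bot: Both examples in api_credential_spec.rb assert on the in-memory object, so they would still pass if a revoke method only cleared the attribute on the instance; `expect(api_credential.reload.api_token_digest).to be_nil`, and the same for `refresh_token_digest`, checks the persisted row. Neither example verifies that the other digest is left untouched, which is the behaviour the split into two methods is meant to guarantee. The locals `api_token` and `refresh_token` are assigned and never read; either drop the assignment or use the value to assert that the revoked token is no longer accepted.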