
unAuthorize

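This interface removes the user's data from our database when the user chooses to log out. Some CRMs provide a token invalidation (revocation) mechanism; if yours does, please implement that as well, so that the tokens stop working on the CRM side and are not merely forgotten locally.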

Request parameters

Parameter Description
user An object describing the Chrome extension user associated with the action that triggered this interface.

Return value(s)

Parameter Description
returnMessage message, messageType and ttl

Example

{
  returnMessage:{
    message: 'Successfully unauthorized',
    messageType: 'success', // 'success', 'warning' or 'danger'
    ttl: 30000 // in milliseconds
  }
}

Reference

const axios = require('axios');

/**
 * Log the user out of the CRM connector (template implementation).
 *
 * As written, this only deletes the locally stored user record through
 * `user.destroy()`; revoking the tokens at the CRM is still a TODO.
 *
 * @param {object} params
 * @param {object} params.user - Stored record of the Chrome extension user;
 *   must expose an async `destroy()` method.
 * @returns {Promise<{returnMessage: {messageType: string, message: string, ttl: number}}>}
 *   The `returnMessage` payload (type, text and ttl) reported for the logout.
 */
async function unAuthorize({ user }) {
    // TODO: add the CRM API call that revokes the user's tokens.
    //
    // Why it matters: deleting the local record only makes this service forget
    // the tokens. If the CRM supports revocation and it is not called, a copy of
    // the access/refresh token may stay usable until it expires on its own.
    //
    // Points to settle when filling this in:
    //   - The URL and the Authorization scheme below are placeholders; use the
    //     client authentication the CRM's revoke endpoint documents.
    //     (`getBasicAuth` is a helper that is not defined in this snippet.)
    //   - If the awaited request rejects, `user.destroy()` below is never
    //     reached. Decide explicitly whether a failed revocation should block
    //     local deletion, and report it to the user rather than as 'success'.
    //   - Keep token values out of logs and error messages.
    //
    // const revokeUrl = 'https://api.crm.com/oauth/unauthorize';
    // const revokeBody = {
    //     token: user.accessToken
    // }
    // const accessTokenRevokeRes = await axios.post(
    //     revokeUrl,
    //     revokeBody,
    //     {
    //         headers: { 'Authorization': `Basic ${getBasicAuth({ apiKey: user.accessToken })}` }
    //     });

    // Remove the user's row (and with it the stored tokens) from our database.
    await user.destroy();

    const logoutNotice = {
        messageType: 'success',
        message: 'Logged out of TestCRM',
        ttl: 1000
    };
    return { returnMessage: logoutNotice };

    // CHECK: open db.sqlite and confirm the user's info is actually removed.
}

// CommonJS export: the unAuthorize handler is this module's sole export.
module.exports = unAuthorize;
    }
}

async function unAuthorize({ user }) {
    const revokeUrl = 'https://oauth.pipedrive.com/oauth/revoke';
    const basicAuthHeader = Buffer.from(`${process.env.PIPEDRIVE_CLIENT_ID}:${process.env.PIPEDRIVE_CLIENT_SECRET}`).toString('base64');
    const refreshTokenParams = new url.URLSearchParams({
        token: user.refreshToken
    });
    await axios.post(
        revokeUrl,
        refreshTokenParams,
        {
            headers: { 'Authorization': `Basic ${basicAuthHeader}` }
        });
    const accessTokenParams = new url.URLSearchParams({
        token: user.accessToken
    });
    await axios.post(
        revokeUrl,
        accessTokenParams,
        {
            headers: { 'Authorization': `Basic ${basicAuthHeader}` }
        });
    // remove user credentials
    user.accessToken = '';
    user.refreshToken = '';
    try {
        await user.save();
    }
    catch (error) {
        return handleDatabaseError(error, 'Error saving user');
    }