From 013ae64b889dfbdca0cc3ecbab8cf25bb41527d6 Mon Sep 17 00:00:00 2001
From: Midgard <midgard@zeus.ugent.be>
Date: Thu, 26 Mar 2020 17:57:42 +0100
Subject: [PATCH] Verify token is invalidated and forget it

---
 ajax.js |  6 +++---
 main.js | 29 ++++++++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/ajax.js b/ajax.js
index d5c67a7..1a4bae3 100644
--- a/ajax.js
+++ b/ajax.js
@@ -1,9 +1,9 @@
 const ajax = (function() { "use strict";
 
 class AjaxError extends Error {
-	constructor (message, response, ...rest) {
+	constructor (message, xhr, ...rest) {
 		super(message, ...rest);
-		this.response = response;
+		this.xhr = xhr;
 	}
 }
 class NetworkError extends AjaxError {}
@@ -61,7 +61,7 @@ function xhrParseJsonResponse(xhr) {
 		if (xhr.status === 0) {
 			throw new NetworkError("Failed to connect to server. Developer console may have more information", xhr);
 		} else {
-			throw new NotOkError(xhr.statusText, xhr);
+			throw new NotOkError(`${xhr.status} ${xhr.statusText}`, xhr);
 		}
 	}
 
diff --git a/main.js b/main.js
index dc3df31..7bbd88a 100644
--- a/main.js
+++ b/main.js
@@ -93,7 +93,24 @@ class MattermostClient {
 			throw Error("No token stored");
 		}
 		const response = await this.api.post("/users/logout", undefined, stored.token);
-		//this.storage.clear(this.api.id);
+
+		// Verify that the token is now invalidated
+		let tokenWorks;
+		try {
+			const meResponse = await this.usersMe();
+			tokenWorks = true;
+		} catch (e) {
+			if (e instanceof ajax.NotOkError && e.xhr.status == 401) {
+				tokenWorks = false;
+			} else {
+				throw e;
+			}
+		}
+		if (tokenWorks) {
+			throw new Error("Failed to log out: token still works after trying to log out");
+		}
+
+		this.storage.clear(this.api.id);
 		return response.responseJson;
 	}
 
@@ -105,6 +122,16 @@ class MattermostClient {
 		const response = await this.api.get("/users/me", stored.token);
 		return response.responseJson;
 	}
+
+	async myTeams() {
+		const response = await this.api.get("/users/me/teams", stored.token);
+		return response.responseJson;
+	}
+
+	async myChannels(team_id) {
+		const response = await this.api.get(`/users/me/teams/${team_id}/channels`, stored.token);
+		return response.responseJson;
+	}
 }