From 2ebe14987207d3bcb798981e09b072d017a1c7c9 Mon Sep 17 00:00:00 2001
From: 24c02 <163450896+24c02@users.noreply.github.com>
Date: Sun, 28 Dec 2025 16:07:56 -0500
Subject: [PATCH] add revocation ctl

---
 app/controllers/api/revocations_controller.rb | 32 +++++++++++++++++++
 config/routes.rb                              |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 app/controllers/api/revocations_controller.rb

diff --git a/app/controllers/api/revocations_controller.rb b/app/controllers/api/revocations_controller.rb
new file mode 100644
index 0000000..9d6bd32
--- /dev/null
+++ b/app/controllers/api/revocations_controller.rb
@@ -0,0 +1,32 @@
+class API::RevocationsController < ActionController::API
+  def create
+    a = request.headers["authorization"]
+    return head 401 unless a.present? && ActiveSupport::SecurityUtils.secure_compare(a, Rails.application.credentials.revoker_key)
+    t = params[:token]
+    return head 400 unless t.present?
+
+    public_api_key = Public::APIKey.accessible.find_by(token: t)
+
+    if public_api_key.present?
+      user = public_api_key.public_user
+      return render json: {
+        success: true,
+        owner_email: user.email
+      }
+    end
+
+    internal_api_key = APIKey.accessible.find_by(token: t)
+
+    if internal_api_key.present?
+      user = internal_api_key.user
+      return render json: {
+        success: true,
+        owner_email: user.email
+      }
+    end
+
+    render json: {
+      success: false
+    }
+  end
+end
diff --git a/config/routes.rb b/config/routes.rb
index 7ffed14..5ae4c0f 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -645,6 +645,7 @@ Rails.application.routes.draw do
 
   scope :api do
     defaults format: :json do
+      post "revoke", to: "api/revocations#create"
       namespace :public do
         scope "", module: :api do
           namespace :v1 do