From 204c4f48451030596116f04d2a620b21916b2929 Mon Sep 17 00:00:00 2001
From: Backend IM Bot
Date: Fri, 21 Mar 2025 09:13:10 +0100
Subject: [PATCH] Update code in endpoints/logout.post.py
---
 endpoints/logout.post.py | 39 ++++++++++++++++++++++-----------------
 1 file changed, 22 insertions(+), 17 deletions(-)
diff --git a/endpoints/logout.post.py b/endpoints/logout.post.py
index 948ec52..222f6ef 100644
--- a/endpoints/logout.post.py
+++ b/endpoints/logout.post.py
@@ -5,25 +5,30 @@ router = APIRouter()
 @router.post("/logout")
 async def logout_handler(
- session_id: str,
- access_token: str = Depends(...),
- refresh_token: str = Depends(...),
- db: Session = Depends(get_db)
+ username: str,
+ db: Session = Depends(get_db),
+ token: str = Depends(oauth2_scheme)
 ):
 """Demo logout endpoint"""
- user = fake_users_db.get(session_id)
+ user = fake_users_db.get(username)
 if not user:
- raise HTTPException(status_code=400, detail="Invalid session")
+ raise HTTPException(status_code=404, detail="User not found")
+
+ # Clear access token
+ access_tokens = user.get("access_tokens", [])
+ access_tokens = [t for t in access_tokens if t != token]
+ user["access_tokens"] = access_tokens
+
+ # Clear refresh token
+ user["refresh_token"] = None
 # Clear session data
- user["session_id"] = None
- user["access_token"] = None
- user["refresh_token"] = None
-
- # Clear cookies
- response = JSONResponse(content={"message": "Logout successful"})
- response.delete_cookie("access_token")
- response.delete_cookie("refresh_token")
- response.delete_cookie("session_id")
-
- return response
\ No newline at end of file
+ user["session"] = {}
+
+ return {
+ "message": "Logout successful",
+ "user": username,
+ "next_steps": [
+ "Redirect to login page"
+ ]
+ }
\ No newline at end of file
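Review bot: `logout_handler` now selects the account from the caller-supplied `username` and never checks that `token` belongs to it, so `user["refresh_token"] = None` and `user["session"] = {}` run for any existing username no matter who sent the request. Nothing visible in the hunk validates the bearer value either; it is only used to filter `access_tokens`. Before mutating any state, reject a token the user does not hold, e.g. `if token not in user.get("access_tokens", []): raise HTTPException(status_code=401, detail="Invalid token")`, or preferably resolve the user from the validated token instead of a request parameter. The new 404 "User not found" also lets a caller tell valid usernames from invalid ones; returning the same 401 for both cases avoids that. The commit also drops the `delete_cookie` calls, so if clients still carry these values in cookies they would survive logout, which is worth confirming.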