diff --git a/endpoints/logout.post.py b/endpoints/logout.post.py
index fb68074..5275863 100644
--- a/endpoints/logout.post.py
+++ b/endpoints/logout.post.py
@@ -5,34 +5,21 @@ router = APIRouter()
 @router.post("/logout")
 async def logout_handler(
- token: str = Depends(oauth2_scheme),
- db: Session = Depends(get_db)
+ user_id: str = Depends(get_current_user_id)
 ):
 """Demo logout endpoint"""
- user = get_user_from_token(token, db)
- if not user:
- raise HTTPException(status_code=401, detail="Invalid authentication credentials")
-
- # Clear access token
- access_tokens_db.pop(token, None)
-
- # Clear refresh token
- refresh_token = user.refresh_token
- if refresh_token:
- refresh_tokens_db.pop(refresh_token, None)
- user.refresh_token = None
-
- # Clear session data
- session_id = user.session_id
- if session_id:
- sessions_db.pop(session_id, None)
- user.session_id = None
-
- db.commit()
-
+ if user_id not in fake_users_db:
+ raise HTTPException(status_code=404, detail="User not found")
+
+ # Clear access token, refresh token and session
+ fake_users_db[user_id]["access_token"] = None
+ fake_users_db[user_id]["refresh_token"] = None
+ fake_users_db[user_id]["session"] = None
+
 return {
 "message": "Logout successful",
 "next_steps": [
+ "Clear client-side session data",
 "Redirect to login page"
 ]
 }
\ No newline at end of file
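Review bot: After this change `logout_handler` never sees the presented bearer token and only sets `access_token`, `refresh_token` and `session` to `None` on `fake_users_db[user_id]`, so logout revokes anything only if `get_current_user_id` and the refresh path (neither visible in this hunk) compare incoming tokens against those stored fields. If they validate a token by signature and expiry alone, or still consult the `access_tokens_db` / `refresh_tokens_db` / `sessions_db` stores that the old body cleaned up, a token issued before logout would keep being accepted after "Logout successful" is returned. I would state the dependency in the docstring, e.g. `"""Log out the current user; revocation relies on get_current_user_id rejecting tokens that no longer match the stored access_token."""`, and cover it with a test that presents the pre-logout token again and expects 401. Separately, an authenticated subject that is missing from `fake_users_db` is a credential problem rather than a missing resource, so the guard reads better as `raise HTTPException(status_code=401, detail="Invalid authentication credentials")` than as the new 404.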