Update code in endpoints/logout.post.py

2025-03-21 09:19:06 +01:00 · 2025-03-21 09:19:06 +01:00 · ad658c36a2
commit ad658c36a2
parent 204c4f4845
1 changed files with 10 additions and 22 deletions
--- a/endpoints/logout.post.py
+++ b/endpoints/logout.post.py
@ -5,30 +5,18 @@ router = APIRouter()

@router.post("/logout")
 async def logout_handler(
-    username: str,
-    db: Session = Depends(get_db),
-    token: str = Depends(oauth2_scheme)
+    token: str = Depends(oauth2_scheme),
+    db: Session = Depends(get_db)
 ):
    """Demo logout endpoint"""
-    user = fake_users_db.get(username)
+    user = get_user_by_token(token, db)
    if not user:
-        raise HTTPException(status_code=404, detail="User not found")
+        raise HTTPException(status_code=401, detail="Invalid authentication credentials")
    
-    # Clear access token
-    access_tokens = user.get("access_tokens", [])
-    access_tokens = [t for t in access_tokens if t != token]
-    user["access_tokens"] = access_tokens
+    # Clear access token, refresh token and session from cookies
+    response = RedirectResponse(url="/")
+    response.delete_cookie("access_token")
+    response.delete_cookie("refresh_token")
+    response.delete_cookie("session_id")
    
-    # Clear refresh token
-    user["refresh_token"] = None
-    
-    # Clear session data
-    user["session"] = {}
-    
-    return {
-        "message": "Logout successful",
-        "user": username,
-        "next_steps": [
-            "Redirect to login page"
-        ]
-    }
+    return response