from fastapi import APIRouter, Depends, HTTPException
from core.database import fake_users_db

router = APIRouter()

@router.post("/logout")
async def logout_handler(
    token: str = Depends(oauth2_scheme),
    db: Session = Depends(get_db)
):
    """Demo logout endpoint"""
    user = get_user_from_token(token, db)
    if not user:
        raise HTTPException(status_code=401, detail="Invalid token")
    
    fake_users_db[user["username"]]["disabled"] = True
    
    return {
        "message": "Logout successful",
        "user": user["username"],
        "next_steps": [
            "Clear browser cookies",
            "Revoke refresh token"
        ]
    }