From 9a3bf6aa63dcfd278781e3a63bae78f2c73156d0 Mon Sep 17 00:00:00 2001
From: Shreyam Kundu
Date: Sat, 7 Dec 2024 12:36:41 +0530
Subject: [PATCH 1/3] feat: add logout endpoint to clear token cookie
---
 apps/api/src/auth/controller/auth.controller.ts | 7 +++++++
 apps/api/src/auth/service/auth.service.ts | 12 ++++++++++++
 2 files changed, 19 insertions(+)
diff --git a/apps/api/src/auth/controller/auth.controller.ts b/apps/api/src/auth/controller/auth.controller.ts
index d3411477..95454b5f 100644
--- a/apps/api/src/auth/controller/auth.controller.ts
+++ b/apps/api/src/auth/controller/auth.controller.ts
@@ -207,4 +207,11 @@ export class AuthController {
 )
 }
 }
+
+ /* istanbul ignore next */
+ @Post('logout')
+ async logout(@Res() res: Response): Promise {
+ await this.authService.logout(res)
+ res.status(HttpStatus.OK).send({ message: 'Logged out successfully' })
+ }
 }
diff --git a/apps/api/src/auth/service/auth.service.ts b/apps/api/src/auth/service/auth.service.ts
index 2fec728c..702ab4c6 100644
--- a/apps/api/src/auth/service/auth.service.ts
+++ b/apps/api/src/auth/service/auth.service.ts
@@ -17,6 +17,7 @@ import { CacheService } from '@/cache/cache.service'
 import { generateOtp } from '@/common/util'
 import { createUser, getUserByEmailOrId } from '@/common/user'
 import { UserWithWorkspace } from '@/user/user.types'
+import { Response } from 'express'

 @Injectable()
 export class AuthService {
@@ -219,4 +220,15 @@ export class AuthService {
 private async generateToken(id: string) {
 return await this.jwt.signAsync({ id })
 }
+
+ /**
+ * Clears the token cookie on logout
+ * @param res The response object
+ */
+ async logout(res: Response): Promise {
+ res.clearCookie('token', {
+ domain: process.env.DOMAIN ?? 'localhost'
+ })
+ this.logger.log('User logged out and token cookie cleared.')
+ }
 }
From 167bb4e834091a802a43c8d0a4f45b49a55c8d47 Mon Sep 17 00:00:00 2001
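Review bot: The new `logout` handler in auth.controller.ts answers "Logged out successfully" although the only effect of the change is that the browser is asked to drop the `token` cookie; nothing visible in this patch invalidates the JWT that `generateToken` signs, so a copy of the token held outside that browser presumably stays usable until it expires. If server-side revocation is intended, the service could record the token (or a token id) in the already imported `CacheService` until its expiry and have the auth guard reject recorded tokens; the guard is not visible here, so this needs confirming. If cookie-only logout is the accepted design, say so on the handler, for example `// Clears the cookie only: the JWT is not revoked and remains valid until it expires.` Whether this route sits behind the authentication guard is also not visible in the hunk, and the class body continues outside it.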
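Review bot: In `AuthService.logout` the `clearCookie` options fall back to `'localhost'` when `process.env.DOMAIN` is unset, so on a deployment missing that variable the browser would keep the `token` cookie while the endpoint still returns 200 and logs a successful logout. A browser removes a cookie only when the clearing header carries the same domain and path as the header that set it; the code that sets `token` is outside this hunk, so the two option sets should be confirmed to match, ideally by building both from one shared options object. A warning when the fallback is taken would make the misconfiguration visible, e.g. `if (!process.env.DOMAIN) this.logger.warn('DOMAIN is not set; token cookie is cleared for localhost only')`. The log line also carries no user identifier, which limits its value as an audit record.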
From: Shreyam Kundu <152320199+ShreyamKundu@users.noreply.github.com>
Date: Sat, 7 Dec 2024 13:21:42 +0530
Subject: [PATCH 2/3] Update auth.controller.ts
---
 apps/api/src/auth/controller/auth.controller.ts | 1 -
 1 file changed, 1 deletion(-)
diff --git a/apps/api/src/auth/controller/auth.controller.ts b/apps/api/src/auth/controller/auth.controller.ts
index 95454b5f..12c10a7d 100644
--- a/apps/api/src/auth/controller/auth.controller.ts
+++ b/apps/api/src/auth/controller/auth.controller.ts
@@ -208,7 +208,6 @@ export class AuthController {
 }
 }

- /* istanbul ignore next */
 @Post('logout')
 async logout(@Res() res: Response): Promise {
 await this.authService.logout(res)
From 86dafba6b32dd1e8566793ef4263305ef93a0d90 Mon Sep 17 00:00:00 2001
From: Shreyam Kundu
Date: Sat, 7 Dec 2024 13:46:34 +0530
Subject: [PATCH 3/3] feat: add logout request to auth controller in bruno
---
 api-collection/Auth Controller/Logout.bru | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 api-collection/Auth Controller/Logout.bru
diff --git a/api-collection/Auth Controller/Logout.bru b/api-collection/Auth Controller/Logout.bru
new file mode 100644
index 00000000..3b1542c4
--- /dev/null
+++ b/api-collection/Auth Controller/Logout.bru
@@ -0,0 +1,18 @@
+meta {
+ name: Logout
+ type: http
+ seq: 6
+}
+
+post {
+ url: {{BASE_URL}}/api/auth/logout
+ body: none
+ auth: none
+}
+
+
+docs {
+ ## Description
+
+ This endpoint clears the token cookie, ensuring the user is logged out securely.
+}
\ No newline at end of file