feat(api): Add logout endpoint to clear token cookie (keyshade-xyz#581)

muntaxir4 · Jan 1, 2025 · 2605004 · 2605004
1 parent f83b952
commit 2605004
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 0 deletions.
diff --git a/api-collection/Auth Controller/Logout.bru b/api-collection/Auth Controller/Logout.bru
@@ -0,0 +1,18 @@
+meta {
+  name: Logout
+  type: http
+  seq: 6
+}
+
+post {
+  url: {{BASE_URL}}/api/auth/logout
+  body: none
+  auth: none
+}
+
+
+docs {
+  ## Description
+
+  This endpoint clears the token cookie, ensuring the user is logged out securely.
+}
diff --git a/apps/api/src/auth/controller/auth.controller.ts b/apps/api/src/auth/controller/auth.controller.ts
@@ -207,4 +207,10 @@ export class AuthController {
       )
     }
   }
+
+  @Post('logout')
+  async logout(@Res() res: Response): Promise<void> {
+    await this.authService.logout(res)
+    res.status(HttpStatus.OK).send({ message: 'Logged out successfully' })
+  }
 }
diff --git a/apps/api/src/auth/service/auth.service.ts b/apps/api/src/auth/service/auth.service.ts
@@ -17,6 +17,7 @@ import { CacheService } from '@/cache/cache.service'
 import { generateOtp } from '@/common/util'
 import { createUser, getUserByEmailOrId } from '@/common/user'
 import { UserWithWorkspace } from '@/user/user.types'
+import { Response } from 'express'
 
 @Injectable()
 export class AuthService {
@@ -219,4 +220,15 @@ export class AuthService {
   private async generateToken(id: string) {
     return await this.jwt.signAsync({ id })
   }
+
+  /**
+   * Clears the token cookie on logout
+   * @param res The response object
+   */
+  async logout(res: Response): Promise<void> {
+    res.clearCookie('token', {
+      domain: process.env.DOMAIN ?? 'localhost'
+    })
+    this.logger.log('User logged out and token cookie cleared.')
+  }
 }