logout form w/ back to root page

src/api/auth.rs

@@ -53,3 +53,9 @@ pub async fn logout(headers: HeaderMap) -> Result<Response, AuthError> {
     let cookie = format!("{COOKIE_NAME}=revoking; Path=/; HttpOnly; Max-Age=0");
     Ok(([(header::SET_COOKIE, cookie)], "Logged out!").into_response())
 }
+pub async fn logout_form(headers: HeaderMap) -> Result<Response, AuthError> {
+    let mut s = Session::authenticate(&headers)?.required()?;
+    s.revoke(Some(&User::get_by_id(s.user_id)?))?;
+    let cookie = format!("{COOKIE_NAME}=revoking; Path=/; HttpOnly; Max-Age=0");
+    Ok(([(header::SET_COOKIE, cookie)], Redirect::to("/")).into_response())
+}

src/api/mod.rs

@@ -26,6 +26,7 @@ pub fn api_router() -> Router {
         .route("/api/auth/login", post(auth::login))
         .route("/api/auth/login-form", post(auth::login_form))
         .route("/api/auth/logout", post(auth::logout))
+        .route("/api/auth/logout-form", post(auth::logout_form))
         // users
         .route("/api/users", get(users::get_all))
         .route("/api/users", post(users::create))