logout form w/ back to root page

2026-03-13 12:01:29 +01:00
parent b0013f9962
commit 0bc9384b6a
2 changed files with 7 additions and 0 deletions
--- a/src/api/auth.rs
+++ b/src/api/auth.rs
@@ -53,3 +53,9 @@ pub async fn logout(headers: HeaderMap) -> Result<Response, AuthError> {
    let cookie = format!("{COOKIE_NAME}=revoking; Path=/; HttpOnly; Max-Age=0");
    Ok(([(header::SET_COOKIE, cookie)], "Logged out!").into_response())
 }
+pub async fn logout_form(headers: HeaderMap) -> Result<Response, AuthError> {
+    let mut s = Session::authenticate(&headers)?.required()?;
+    s.revoke(Some(&User::get_by_id(s.user_id)?))?;
+    let cookie = format!("{COOKIE_NAME}=revoking; Path=/; HttpOnly; Max-Age=0");
+    Ok(([(header::SET_COOKIE, cookie)], Redirect::to("/")).into_response())
+}
--- a/src/api/mod.rs
+++ b/src/api/mod.rs
@@ -26,6 +26,7 @@ pub fn api_router() -> Router {
        .route("/api/auth/login", post(auth::login))
        .route("/api/auth/login-form", post(auth::login_form))
        .route("/api/auth/logout", post(auth::logout))
+        .route("/api/auth/logout-form", post(auth::logout_form))
        // users
        .route("/api/users", get(users::get_all))
        .route("/api/users", post(users::create))