logout

2026-01-14 09:05:01 +01:00 · 2025-07-27 13:16:41 +02:00 · 2025-07-27 13:16:41 +02:00 · ac63b318d4
commit ac63b318d4
parent 42e44c9db9
3 changed files with 28 additions and 1 deletions
--- a/idp/src/main.rs
+++ b/idp/src/main.rs
@ -60,6 +60,7 @@ async fn main() -> Result<()> {
    let app = Router::<Db>::new()
        .route("/style.css", get(style_css))
        .route("/", get(root))
+        .route("/logout", post(logout))
        .route("/signup", get(signup).post(signup_post))
        .route("/login", get(login).post(login_post))
        .route("/login-2fa", get(login_2fa).post(login_2fa_post))
@ -169,6 +170,26 @@ async fn login_2fa() -> impl IntoResponse {
    )
 }

+async fn logout(
+    State(db): State<Db>,
+
+    jar: CookieJar,
+    user: UserSession,
+) -> Result<Response, Response> {
+    let Some(user) = user.0 else {
+        return Ok(Redirect::to("/").into_response());
+    };
+
+    session::delete_session(&db, user.user_id, user.session_public_id)
+        .await
+        .map_err(|err| {
+            error!(?err, "Error deleting session for logout");
+            StatusCode::INTERNAL_SERVER_ERROR.into_response()
+        })?;
+
+    Ok((jar.remove(SESSION_ID_COOKIE_NAME), Redirect::to("/")).into_response())
+}
+
 async fn list_2fa(user: UserSession, State(db): State<Db>) -> Result<impl IntoResponse, Response> {
    let Some(user) = user.0 else {
        return Err(Redirect::to("/").into_response());
--- a/idp/src/session.rs
+++ b/idp/src/session.rs
@ -16,13 +16,14 @@ pub struct SessionWithUser {
    #[expect(dead_code)]
    pub created: i64,
    pub username: String,
+    pub session_public_id: i64,
 }

 pub struct SessionId(pub String);

 pub async fn find_session(db: &Db, session_id: &str) -> Result<Option<SessionWithUser>> {
    let result = sqlx::query_as::<_, SessionWithUser>(
-        "select user_id, created, username from sessions left join users on sessions.user_id = users.id where session_id = ? and locked_2fa = false",
+        "select user_id, session_public_id, created, username from sessions left join users on sessions.user_id = users.id where session_id = ? and locked_2fa = false",
    )
    .bind(session_id)
    .fetch_one(&db.pool)
--- a/idp/templates/index.html
+++ b/idp/templates/index.html
@ -18,6 +18,11 @@
    </div>
    {% if let Some(username) = username %}
    <p>Hello, {{username}}!</p>
+    <div>
+      <form action="/logout" method="post">
+        <button type="submit">Logout</button>
+      </form>
+    </div>
    {% endif %}
    <p>Login</p>
    <div>