summaryrefslogtreecommitdiff
path: root/app/routes/auth/logout.py
diff options
context:
space:
mode:
Diffstat (limited to 'app/routes/auth/logout.py')
-rw-r--r--app/routes/auth/logout.py35
1 files changed, 35 insertions, 0 deletions
diff --git a/app/routes/auth/logout.py b/app/routes/auth/logout.py
new file mode 100644
index 0000000..a55ea9e
--- /dev/null
+++ b/app/routes/auth/logout.py
@@ -0,0 +1,35 @@
+from fastapi import APIRouter, Depends, Response
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.auth.dependencies import get_current_user
+from app.models.user import User
+from app.utils.db import get_async_session
+from app.utils.logger_cfg import logger
+
+router = APIRouter(tags=["auth"])
+
+
+COOKIE_KWARGS = {
+ "httponly": True,
+ "secure": False,
+ "samesite": "lax",
+ "path": "/",
+}
+
+
+@router.post("/logout")
+async def logout(
+ response: Response,
+ session: AsyncSession = Depends(get_async_session),
+ user: User = Depends(get_current_user),
+):
+ response.delete_cookie("access_token", **COOKIE_KWARGS)
+ response.delete_cookie("refresh_token", **COOKIE_KWARGS)
+
+ user.token_version += 1
+ session.add(user)
+ await session.commit()
+
+ logger.info("User logged out everywhere | user_id={}", user.id)
+
+ return {"message": "Logged out successfully"}
generated by cgit v1.3-3-g829e (git 2.53.0) at 2026-05-05 13:10:47 +0000