From 4848a9e9394b283022085a6305d00f94b11cd703 Mon Sep 17 00:00:00 2001
From: l3wdfut4pwr <l3wdfut4pwr@gmail.com>
Date: Mon, 27 Apr 2026 13:45:09 +0300
Subject: add username change and logout

---
 app/routes/auth/logout.py | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 app/routes/auth/logout.py

(limited to 'app/routes/auth/logout.py')

diff --git a/app/routes/auth/logout.py b/app/routes/auth/logout.py
new file mode 100644
index 0000000..a55ea9e
--- /dev/null
+++ b/app/routes/auth/logout.py
@@ -0,0 +1,35 @@
+from fastapi import APIRouter, Depends, Response
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.auth.dependencies import get_current_user
+from app.models.user import User
+from app.utils.db import get_async_session
+from app.utils.logger_cfg import logger
+
+router = APIRouter(tags=["auth"])
+
+
+COOKIE_KWARGS = {
+    "httponly": True,
+    "secure": False,
+    "samesite": "lax",
+    "path": "/",
+}
+
+
+@router.post("/logout")
+async def logout(
+    response: Response,
+    session: AsyncSession = Depends(get_async_session),
+    user: User = Depends(get_current_user),
+):
+    response.delete_cookie("access_token", **COOKIE_KWARGS)
+    response.delete_cookie("refresh_token", **COOKIE_KWARGS)
+
+    user.token_version += 1
+    session.add(user)
+    await session.commit()
+
+    logger.info("User logged out everywhere | user_id={}", user.id)
+
+    return {"message": "Logged out successfully"}
-- 
cgit v1.3-3-g829e