app/routes/auth/logout.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

from fastapi import APIRouter, Depends, Response
from sqlalchemy.ext.asyncio import AsyncSession

from app.auth.dependencies import get_current_user
from app.models.user import User
from app.utils.db import get_async_session
from app.utils.logger_cfg import logger

router = APIRouter(tags=["auth"])


COOKIE_KWARGS = {
    "httponly": True,
    "secure": False,
    "samesite": "lax",
    "path": "/",
}


@router.post("/logout")
async def logout(
    response: Response,
    session: AsyncSession = Depends(get_async_session),
    user: User = Depends(get_current_user),
):
    response.delete_cookie("access_token", **COOKIE_KWARGS)
    response.delete_cookie("refresh_token", **COOKIE_KWARGS)

    user.token_version += 1
    session.add(user)
    await session.commit()

    logger.info("User logged out everywhere | user_id={}", user.id)

    return {"message": "Logged out successfully"}