fix(auth): changes to how logout is handled, will now disconnect user from authentik for app only.

2026-01-26 16:27:11 -05:00 · 2026-01-26 16:27:11 -05:00 · 0b31fc829b
commit 0b31fc829b
parent 9c9554cae6
1 changed files with 20 additions and 5 deletions
--- a/src/identity-and-account/authentication/controllers/auth.controller.ts
+++ b/src/identity-and-account/authentication/controllers/auth.controller.ts
@ -1,4 +1,4 @@
-import { Controller, Get, Req, Res, UnauthorizedException, UseGuards } from '@nestjs/common';
+import { Controller, Get, Post, Req, Res, UnauthorizedException, UseGuards } from '@nestjs/common';
 import { OIDCLoginGuard } from '../guards/authentik-auth.guard';
 import { Request, Response } from 'express';
 import { UsersService } from 'src/identity-and-account/users-management/services/users.service';
@ -11,16 +11,16 @@ export class AuthController {
    ) { }

    @UseGuards(OIDCLoginGuard)
-    @Get('/v1/login')
+    @Get('v1/login')
    login() { }

-    @Get('/callback')
+    @Get('callback')
    @UseGuards(OIDCLoginGuard)
    loginCallback(@Req() req: Request, @Res() res: Response) {
        res.redirect(process.env.REDIRECT_URL_DEV!);
    }

-    @Get('/me')
+    @Get('me')
    async getProfile(
        @Access('email') email: string,
        @Req() req: Request) {
@ -30,4 +30,19 @@ export class AuthController {
        return this.usersService.findOneByEmail(email);
    }

+    @Post('logout')
+    logout(
+        @Req() request: Request,
+        @Res() response: Response,
+    ) {
+        request.session.destroy(error => {
+            if (error) {
+                console.error('error during logout: ', error, 'user: ', request.user);
+            }
+
+            response.clearCookie('connect.sid', {
+                path: '/',
+            });
+        })
+    }
 }