diff --git a/client/admin/dashboardPage.html b/client/admin/dashboardPage.html
index 4163b13..c9f55c7 100644
--- a/client/admin/dashboardPage.html
+++ b/client/admin/dashboardPage.html
@@ -641,10 +641,9 @@


 try {
 // GET request to our logout endpoint /v1/admin/logout
 let response = await fetch(`/v1/admin/logout`, {
- method: "GET",
+ method: "DELETE",
 headers: {
 "Content-type": "application/json",
- Authorization: `Bearer ${token}`,
 },
 });
 // if the response is not ok, throw an error
diff --git a/routes/admin.routes.js b/routes/admin.routes.js
index f3ba84a..58aebbe 100644
--- a/routes/admin.routes.js
+++ b/routes/admin.routes.js
@@ -17,6 +17,8 @@ import { loginSchema } from "../services/admin/users/schema/loginSchema.js";
 import { tokenRefreshHandler, tokenRefreshDeleteHandler } from "../services/admin/users/refresh.js";
 import { refreshSchema } from "../services/admin/users/schema/refreshSchema.js";
+import { logoutHandler } from "../services/admin/users/logout.js";
+
 import { authenticateAdminRequest, authenticateWebAdminRequest } from "../utils/authenticate.js";
 const adminRoutes = async function (fastify, options) {
@@ -28,6 +30,7 @@ const adminRoutes = async function (fastify, options) {
 fastify.post("/login", loginSchema, loginHandler);
 fastify.post("/refresh", refreshSchema, tokenRefreshHandler);
 fastify.delete("/refresh", refreshSchema, tokenRefreshDeleteHandler);
+ fastify.delete("/logout", logoutHandler);
 //admin web user interface routes
 fastify.get("/dashboard", { onRequest: [authenticateWebAdminRequest] }, (request, reply) => {
diff --git a/services/admin/users/logout.js b/services/admin/users/logout.js
new file mode 100644
index 0000000..822f2ef
--- /dev/null
+++ b/services/admin/users/logout.js
@@ -0,0 +1,14 @@
+import config from "../../../config.js";
+
+export const logoutHandler = async function (request, reply) {
+ try {
+ reply.headers({
+ "set-cookie": [`adminDashboardAccessToken=; Path=/; Expires=;`],
+ "x-authc-app-origin": config.ADMINORIGIN,
+ });
+
+ reply.code(204);
+ } catch (err) {
+ throw { statusCode: err.statusCode, message: err.message };
+ }
+};
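Review bot: The comment `// GET request to our logout endpoint /v1/admin/logout` is stale now that the call below it sends `DELETE`; it should read `// DELETE request to our logout endpoint /v1/admin/logout`. The request also keeps `"Content-type": "application/json"` while sending no body, which Fastify's default JSON parser may reject with a 400 on a DELETE, so the `headers` object could be dropped entirely. With the `Authorization` header gone, logout depends on the browser sending the dashboard cookie, which a same-origin `fetch` does by default. The enclosing function starts and ends outside the hunk.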
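Review bot: `fastify.delete("/logout", logoutHandler)` is registered with no `onRequest` hook and no schema, and it sits above the `//admin web user interface routes` comment even though it acts on the dashboard cookie. If leaving it unauthenticated is deliberate, so that an expired session can still be cleared, say so in a comment such as `// logout is intentionally unauthenticated: it only clears the dashboard cookie`. Moving the line under the web UI comment would keep the cookie-based routes together. The body of `adminRoutes` continues outside the hunk.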
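Review bot: The `set-cookie` value ends with `Expires=;`, an empty attribute that browsers ignore, so the cookie is overwritten with an empty value and kept as a session cookie instead of being deleted. An explicit expiry removes it, for example `adminDashboardAccessToken=; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT`, carrying the same `HttpOnly`/`Secure`/`SameSite` attributes as the code that issues the cookie (not visible here). The handler only clears the browser's copy; unless the access token is revoked server-side or is short-lived, a copied token stays usable after logout, which deserves a comment or a revocation call. The `catch` rethrows a plain object around code that is unlikely to throw and could be removed.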