feat: Enhance logout functionality and update landing page URL

- Improved logout process by integrating `NextRequest` to handle cookies. - Added `getAuthSession` to fetch the current authentication session. - Updated database to remove active session using both JWT and userId. - Cleared authentication caches upon logout. - Enhanced logging to include censored user email. - Updated the landing page URL to `/overview/dashboard`.
ingra-ai · Sep 1, 2024 · 43c524c · 43c524c
1 parent d4d698e
commit 43c524c
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 15 deletions.
diff --git a/apps/auth/app/logout/route.ts b/apps/auth/app/logout/route.ts
@@ -2,37 +2,47 @@
 import { APP_SESSION_COOKIE_NAME } from '@repo/shared/lib/constants';
 import { cookies } from 'next/headers';
 import { APP_AUTH_LOGIN_URL } from '@repo/shared/lib/constants';
-import { RedirectType, redirect } from 'next/navigation';
 import db from '@repo/db/client';
 import { Logger } from '@repo/shared/lib/logger';
+import { clearAuthCaches } from '@repo/shared/data/auth/session/caches';
+import { NextRequest } from 'next/server';
+import { censorEmail } from '@repo/shared/lib/utils';
+import { redirect, RedirectType } from 'next/navigation';
+import { getAuthSession } from '@repo/shared/data/auth/session';
 
-export async function GET() {
-  const cookieStore = cookies();
-  const jwtCookie = cookieStore.get(APP_SESSION_COOKIE_NAME);
+export async function GET(request: NextRequest) {
+  const jwtCookie = request.cookies.get(APP_SESSION_COOKIE_NAME);
+  const authSession = await getAuthSession();
 
-  if (jwtCookie?.value) {
+  if (authSession && jwtCookie?.value) {
     try {
       // Update db to remove active session
-      await db.activeSession.update({
+      const expireActiveSession = db.activeSession.update({
         where: {
           jwt: jwtCookie.value,
+          userId: authSession?.userId
         },
         data: {
           expiresAt: new Date(0),
         },
       });
+
+      // Remove session cookies
+      const cookieStore = cookies();
+      cookieStore.delete(APP_SESSION_COOKIE_NAME);
+      request.cookies.delete(APP_SESSION_COOKIE_NAME);
+
+      await Promise.all([ 
+        expireActiveSession, 
+        clearAuthCaches( authSession ) 
+      ]);
+
+      Logger.withTag('action|logout').info(`${ censorEmail( authSession.user.email ) } has logged out.`);
     } catch (error: any) {
       Logger.withTag('action|logout').error('Error removing session due to logout', { jwt: jwtCookie.value, error });
     }
-
-    // Remove from redis
-    Logger.withTag('action|logout').log('Session removed due to logout', {
-      jwt: jwtCookie.value,
-    });
-
-    // Remove session cookies
-    cookieStore.delete(APP_SESSION_COOKIE_NAME);
   }
 
+  // Redirect to the app
   redirect(APP_AUTH_LOGIN_URL, RedirectType.replace);
 }
diff --git a/packages/shared/src/lib/constants/index.ts b/packages/shared/src/lib/constants/index.ts
@@ -27,7 +27,7 @@ export const APP_AUTH_LOGIN_URL = `${ AUTH_APP_URL }/login`;
 /**
  * When user is logged in and no idea where to land user to.
  */
-export const APP_LANDING_PAGE_URL = `${ HUBS_APP_URL }/overview`;
+export const APP_LANDING_PAGE_URL = `${ HUBS_APP_URL }/overview/dashboard`;
 
 export const APP_LEGAL_PRIVACY_POLICY_URL = 'https://www.ingra.ai/legal/privacy-policy';
 export const APP_LEGAL_TOS_URL = 'https://www.ingra.ai/legal/terms-of-service';