fix: remove session on logout

2026-01-10 04:05:57 -08:00 · 2024-09-05 19:49:22 -07:00
parent f86eba8e55
commit e9348c127b
1 changed files with 16 additions and 11 deletions
--- a/src/server/routes/api/auth/logout.ts
+++ b/src/server/routes/api/auth/logout.ts
@@ -1,3 +1,4 @@
+import { prisma } from '@/lib/db';
 import { userMiddleware } from '@/server/middleware/user';
 import { getSession } from '@/server/session';
 import fastifyPlugin from 'fastify-plugin';
@@ -9,18 +10,22 @@ export type ApiLogoutResponse = {
 export const PATH = '/api/auth/logout';
 export default fastifyPlugin(
  (server, _, done) => {
-    server.route<{
-      Body: Body;
-    }>({
-      url: PATH,
-      method: ['GET'],
-      preHandler: [userMiddleware],
-      handler: async (req, res) => {
-        const session = await getSession(req, res);
-        session.destroy();
+    server.get(PATH, { preHandler: [userMiddleware] }, async (req, res) => {
+      const current = await getSession(req, res);

-        return res.send({ loggedOut: true });
-      },
+      await prisma.user.update({
+        where: {
+          id: req.user.id,
+        },
+        data: {
+          sessions: {
+            set: req.user.sessions.filter((session) => session !== current.sessionId),
+          },
+        },
+      });
+
+      current.destroy();
+      return res.send({ loggedOut: true });
    });

    done();