From 0dda336de1eb098528c8c113b25b833913fb8c27 Mon Sep 17 00:00:00 2001
From: Polianin Nikita
Date: Mon, 4 Nov 2024 02:32:13 +0300
Subject: [PATCH] fix: logout for all users to delete cookies
---
 Endpoint/Controllers/V1/AuthController.cs | 1 -
 Security/Services/AuthService.cs | 6 ++++--
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/Endpoint/Controllers/V1/AuthController.cs b/Endpoint/Controllers/V1/AuthController.cs
index dafe3b7..25961ed 100644
--- a/Endpoint/Controllers/V1/AuthController.cs
+++ b/Endpoint/Controllers/V1/AuthController.cs
@@ -85,7 +85,6 @@ public class AuthController(IOptionsSnapshot user, AuthService auth, Pass
 public async Task Logout()
 {
 await auth.LogoutAsync(GetCookieParams(), HttpContext);
-
 return Ok();
 }
diff --git a/Security/Services/AuthService.cs b/Security/Services/AuthService.cs
index cb50c5b..7da44ab 100644
--- a/Security/Services/AuthService.cs
+++ b/Security/Services/AuthService.cs
@@ -193,6 +193,10 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
 public async Task LogoutAsync(CookieOptionsParameters cookieOptions, HttpContext context, CancellationToken cancellation = default)
 {
 var requestContext = new RequestContextInfo(context, cookieOptions);
+
+ cookieOptions.DropCookie(context, CookieNames.AccessToken);
+ cookieOptions.DropCookie(context, CookieNames.RefreshToken);
+
 var authTokenStruct = await cache.GetAsync(GetAuthCacheKey(requestContext.Fingerprint), cancellation);
 if (authTokenStruct == null)
@@ -200,7 +204,5 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
 await RevokeAccessToken(authTokenStruct.AccessToken);
 await cache.RemoveAsync(requestContext.Fingerprint, cancellation);
- cookieOptions.DropCookie(context, CookieNames.AccessToken);
- cookieOptions.DropCookie(context, CookieNames.RefreshToken);
 }
 }
\ No newline at end of file
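Review bot: The cached session is read in the second hunk with `GetAuthCacheKey(requestContext.Fingerprint)`, but the removal kept as context in the third hunk calls `cache.RemoveAsync(requestContext.Fingerprint, cancellation)` with the raw fingerprint, so unless GetAuthCacheKey returns its argument unchanged the server-side auth entry is left in the cache after logout. The commit moves the cookie drops ahead of the early return but does not touch that line; I would change it to `await cache.RemoveAsync(GetAuthCacheKey(requestContext.Fingerprint), cancellation);`. The early-return path also deserves a comment, since with the new ordering a missing cache entry means only the client cookies are cleared and `RevokeAccessToken` is never reached, for example `// No cached session for this fingerprint: cookies are dropped, nothing is revoked server-side.` The statement under the `if` lies between the two hunks and is not visible, so this assumes it is a plain return.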