[backend/api] Add logout endpoint (ISH-664)

Iceshrimp.Backend/Controllers/Web/AuthController.cs

@@ -43,8 +43,8 @@ public class AuthController(DatabaseContext db, UserService userSvc, UserRendere
 	                 Justification = "Argon2 is execution time-heavy by design")]
 	public async Task<AuthResponse> Login([FromBody] AuthRequest request)
 	{
-		var user = await db.Users.FirstOrDefaultAsync(p => p.IsLocalUser &&
+		var user = await db.Users.FirstOrDefaultAsync(p => p.IsLocalUser
-		                                                   p.UsernameLower == request.Username.ToLowerInvariant());
+		                                                   && p.UsernameLower == request.Username.ToLowerInvariant());
 		if (user == null)
 			throw GracefulException.Forbidden("Invalid username or password");
 		if (user.IsSystemUser)
@@ -114,6 +114,17 @@ public class AuthController(DatabaseContext db, UserService userSvc, UserRendere
 		return await GetAuthResponse(session, user);
 	}
 
+	[HttpPost("logout")]
+	[Authenticate]
+	[Authorize]
+	[ProducesResults(HttpStatusCode.OK)]
+	public async Task Logout()
+	{
+		var session = HttpContext.GetSessionOrFail();
+		db.Remove(session);
+		await db.SaveChangesAsync();
+	}
+
 	[HttpPost("change-password")]
 	[Authenticate]
 	[Authorize]