notfire/Iceshrimp.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[backend/api] Add logout endpoint (ISH-664)

Browse source
This commit is contained in:
Laura Hausmann 2024-12-14 22:09:57 +01:00
parent 71cfa9e501
commit eab83fb500
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
1 changed files with 14 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
Iceshrimp.Backend/Controllers/Web/AuthController.cs
View file

@ -43,8 +43,8 @@ public class AuthController(DatabaseContext db, UserService userSvc, UserRendere
Justification = "Argon2 is execution time-heavy by design")]
public async Task<AuthResponse> Login([FromBody] AuthRequest request)
{
var user = await db.Users.FirstOrDefaultAsync(p => p.IsLocalUser &&
p.UsernameLower == request.Username.ToLowerInvariant());
var user = await db.Users.FirstOrDefaultAsync(p => p.IsLocalUser
&& p.UsernameLower == request.Username.ToLowerInvariant());
if (user == null)
throw GracefulException.Forbidden("Invalid username or password");
if (user.IsSystemUser)
@ -114,6 +114,17 @@ public class AuthController(DatabaseContext db, UserService userSvc, UserRendere
return await GetAuthResponse(session, user);
}
[HttpPost("logout")]
[Authenticate]
[Authorize]
[ProducesResults(HttpStatusCode.OK)]
public async Task Logout()
{
var session = HttpContext.GetSessionOrFail();
db.Remove(session);
await db.SaveChangesAsync();
}
[HttpPost("change-password")]
[Authenticate]
[Authorize]