Logout endpoint

grafana · Feb 4, 2025 · 9a9d0ec · 9a9d0ec
1 parent 5a18ed2
commit 9a9d0ec
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/pkg/http/http.go b/pkg/http/http.go
@@ -747,6 +747,18 @@ func (s *Server) AddCatalogHandler(db *database.Catalog) {
 			s.writeJSONResponse(w, r, updated, http.StatusOK)
 		}
 
+		r.Post("/api/users/token/logout", func(w http.ResponseWriter, r *http.Request) {
+			http.SetCookie(w, &http.Cookie{
+				Name:     cookieName,
+				Value:    "",
+				SameSite: http.SameSiteStrictMode,
+				Path:     "/",
+				Expires:  time.Unix(0, 0),
+			})
+
+			w.WriteHeader(http.StatusOK)
+		})
+
 		r.Put("/api/ratings/{id:\\d+}", updateRating)
 		r.Patch("/api/ratings/{id:\\d+}", updateRating)
 
@@ -813,6 +825,8 @@ func (s *Server) AddCatalogHandler(db *database.Catalog) {
 				return
 			}
 
+			user.Password = ""
+			user.Token = ""
 			s.writeJSONResponse(w, r, user, http.StatusCreated)
 		})
 

diff --git a/pkg/model/user.go b/pkg/model/user.go
@@ -45,7 +45,7 @@ type User struct {
 	bun.BaseModel
 	ID                int64  `json:"id" bun:",pk,autoincrement"`
 	Username          string `json:"username" bun:",unique"`
-	Token             string `json:"-" bun:",unique"`
+	Token             string `json:"token,omitempty" bun:",unique"`
 	Password          string `json:"password,omitempty" bun:"-"` // Only used for JSON
 	PasswordHash      string `json:"-"`
 	PasswordPlaintext string `json:"-"` // Only used for users created via testdata.yaml