ATlast — you'll never need to find your favorites on another platform again. Find your favs in the ATmosphere.
byarielm.fyi
atproto
1import { ApiError } from "./core/errors";
2import { SimpleHandler } from "./core/types/api.types";
3import { SessionService } from "./services/SessionService";
4import { getOAuthConfig } from "./infrastructure/oauth";
5import { extractSessionId } from "./core/middleware";
6import { withErrorHandling } from "./core/middleware";
7
8const logoutHandler: SimpleHandler = async (event) => {
9 if (event.httpMethod !== "POST") {
10 throw new ApiError(
11 "Method not allowed",
12 405,
13 `Only POST method is supported for ${event.path}`,
14 );
15 }
16
17 console.log("[logout] Starting logout process...");
18
19 const sessionId = extractSessionId(event);
20 console.log("[logout] Session ID from cookie:", sessionId);
21
22 if (sessionId) {
23 await SessionService.deleteSession(sessionId, event);
24 console.log("[logout] Successfully deleted session:", sessionId);
25 }
26
27 const config = getOAuthConfig(event);
28 const isDev = config.clientType === "loopback";
29 const cookieName = isDev ? "atlast_session_dev" : "atlast_session";
30
31 const cookieFlags = isDev
32 ? `HttpOnly; SameSite=Lax; Max-Age=0; Path=/`
33 : `HttpOnly; SameSite=Lax; Max-Age=0; Path=/; Secure`;
34
35 return {
36 statusCode: 200,
37 headers: {
38 "Content-Type": "application/json",
39 "Set-Cookie": `${cookieName}=; ${cookieFlags}`,
40 },
41 body: JSON.stringify({ success: true }),
42 };
43};
44
45export const handler = withErrorHandling(logoutHandler);