From d701182d520e50205faa307c647bf3a7cc6b556e Mon Sep 17 00:00:00 2001
From: Matthias Mair <code@mjmair.com>
Date: Thu, 26 Dec 2024 18:10:01 +0100
Subject: [PATCH] re-implement logoff

---
 src/frontend/src/enums/ApiEndpoints.tsx |  2 +-
 src/frontend/src/functions/auth.tsx     | 11 +++++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/frontend/src/enums/ApiEndpoints.tsx b/src/frontend/src/enums/ApiEndpoints.tsx
index da84bf8872..b9308a4085 100644
--- a/src/frontend/src/enums/ApiEndpoints.tsx
+++ b/src/frontend/src/enums/ApiEndpoints.tsx
@@ -26,7 +26,7 @@ export enum ApiEndpoints {
   user_email_primary = 'auth/emails/:id/primary/',
   user_login = '_allauth/app/v1/auth/login',
   user_login_mfa = '_allauth/app/v1/auth/2fa/authenticate',
-  user_logout = 'auth/logout/',
+  user_logout = '_allauth/app/v1/auth/session',
   user_register = 'auth/registration/',
 
   // Generic API endpoints
diff --git a/src/frontend/src/functions/auth.tsx b/src/frontend/src/functions/auth.tsx
index b0aee89595..ad28f0919e 100644
--- a/src/frontend/src/functions/auth.tsx
+++ b/src/frontend/src/functions/auth.tsx
@@ -91,6 +91,7 @@ export const doBasicLogin = async (
     )
     .then((response) => {
       if (response.status == 200 && response.data?.meta?.is_authenticated) {
+        setSession(response.data.meta.session_token);
         setToken(response.data.meta.access_token);
         result = true;
       }
@@ -121,11 +122,16 @@ export const doBasicLogin = async (
  * @arg deleteToken: If true, delete the token from the server
  */
 export const doLogout = async (navigate: NavigateFunction) => {
-  const { clearUserState, isLoggedIn } = useUserState.getState();
+  const { clearUserState, isLoggedIn, setSession } = useUserState.getState();
+  const { session } = useUserState.getState();
 
   // Logout from the server session
   if (isLoggedIn() || !!getCsrfCookie()) {
-    await api.post(apiUrl(ApiEndpoints.user_logout)).catch(() => {});
+    await api
+      .delete(apiUrl(ApiEndpoints.user_logout), {
+        headers: { 'X-Session-Token': session }
+      })
+      .catch(() => {});
 
     showLoginNotification({
       title: t`Logged Out`,
@@ -133,6 +139,7 @@ export const doLogout = async (navigate: NavigateFunction) => {
     });
   }
 
+  setSession(undefined);
   clearUserState();
   clearCsrfCookie();
   navigate('/login');