Gracefull error messages on password mishap

2025-10-30 01:35:32 +00:00 · 2025-05-22 23:01:59 +02:00
parent 2a08e5fec7
commit b81d783e8c
7 changed files with 109 additions and 63 deletions
--- a/pages/logout.go
+++ b/pages/logout.go
@@ -28,25 +28,43 @@ type LogoutPage struct {
 }

 func (p *LogoutPage) Setup(router *router.Router[*core.RequestEvent], app core.App, engine *templating.Engine) error {
-	router.GET(p.URL, p.GET())
+	router.GET(p.URL, p.GET(app))
 	return nil
 }

-func (p *LogoutPage) GET() HandleFunc {
+func (p *LogoutPage) GET(app core.App) HandleFunc {
 	return func(e *core.RequestEvent) error {
-		// TODO: the function to delete tokens is not yet there
-		// as of right now, the tokens get only deleted from the clients
-		// We need to delete the tokens from the cache + table.
-		e.SetCookie(&http.Cookie{
-			Name:   dbmodels.SESSION_COOKIE_NAME,
-			Path:   "/",
-			MaxAge: -1,
-		})
-		e.Response.Header().Set("Clear-Site-Data", "\"cookies\"")
-		redirect := "/reihen"
-		if r := e.Request.URL.Query().Get("redirectTo"); r != "" {
-			redirect = r
-		}
-		return e.Redirect(303, redirect)
+		Logout(e, &app)
+		return RedirectTo(e)
 	}
 }
+
+func Logout(e *core.RequestEvent, app *core.App) {
+	e.SetCookie(&http.Cookie{
+		Name:   dbmodels.SESSION_COOKIE_NAME,
+		Path:   "/",
+		MaxAge: -1,
+	})
+
+	e.Response.Header().Set("Clear-Site-Data", "\"cookies\"")
+
+	cookie, err := e.Request.Cookie(dbmodels.SESSION_COOKIE_NAME)
+	if err == nil && app != nil {
+		go func() {
+			app := *app
+			record, err := app.FindFirstRecordByData(dbmodels.SESSIONS_TABLE, dbmodels.SESSIONS_TOKEN_FIELD, cookie.Value)
+			if err == nil && record != nil {
+				app.Delete(record)
+			}
+		}()
+	}
+}
+
+func RedirectTo(e *core.RequestEvent) error {
+	redirect := "/reihen"
+
+	if r := e.Request.URL.Query().Get("redirectTo"); r != "" {
+		redirect = r
+	}
+	return e.Redirect(303, redirect)
+}