feat: Add Sign-out functionality (#46)

#37 implemented the Sign-_in_ flow, but there wasn't a Sign-_out_ flow as part of that PR (aside from letting the cookie expire... or manually deleting the cookie...), which is obviously not ideal. This PR implements a basic sign-out flow, along with a very simple user dropdown: ![2022-01-21 18 09 14](https://user-images.githubusercontent.com/88213859/150620847-94e4d22f-1dcf-451e-8b4a-cec24702ea6c.gif) Bringing in a few pruned down components for the `<UserDropdown />` to integrate into the `<NavBar />`. In addition, this also implements a simple back-end API for `/logout` which just clears the session token.
2025-07-15 22:20:27 +00:00 · 2022-01-24 17:09:39 -08:00
parent a44056cff5
commit 69d88b4a6d
20 changed files with 414 additions and 25 deletions
--- a/coderd/users.go
+++ b/coderd/users.go
@ -237,6 +237,20 @@ func (users *users) loginWithPassword(rw http.ResponseWriter, r *http.Request) {
 	})
 }

+// Clear the user's session cookie
+func (*users) logout(rw http.ResponseWriter, r *http.Request) {
+	// Get a blank token cookie
+	cookie := &http.Cookie{
+		// MaxAge < 0 means to delete the cookie now
+		MaxAge: -1,
+		Name:   httpmw.AuthCookie,
+		Path:   "/",
+	}
+
+	http.SetCookie(rw, cookie)
+	render.Status(r, http.StatusOK)
+}
+
 // Generates a new ID and secret for an API key.
 func generateAPIKeyIDSecret() (id string, secret string, err error) {
 	// Length of an API Key ID.