Revoke tokens on attached L1s when user logs out

On logout: 1. Call /auth/revoke on each attached L1 renderer 2. Remove all attachments from user_renderers table 3. Clear L2 cookie This ensures logging out of L2 also logs user out of all L1s. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-09 18:08:05 +00:00
parent 943ccea1a2
commit 4351c97ce0
1 changed files with 22 additions and 2 deletions
--- a/server.py
+++ b/server.py
@@ -531,8 +531,28 @@ async def ui_register_submit(request: Request):


@app.get("/logout")
-async def logout():
-    """Handle logout - clear cookie and redirect to home."""
+async def logout(request: Request):
+    """Handle logout - clear cookie, revoke token on attached L1s, and redirect to home."""
+    token = request.cookies.get("auth_token")
+    username = verify_token(token) if token else None
+
+    # Revoke token on all attached L1 renderers
+    if username and token:
+        attached = await db.get_user_renderers(username)
+        for l1_url in attached:
+            try:
+                requests.post(
+                    f"{l1_url}/auth/revoke",
+                    headers={"Authorization": f"Bearer {token}"},
+                    timeout=5
+                )
+            except Exception as e:
+                logger.warning(f"Failed to revoke token on {l1_url}: {e}")
+
+        # Remove all attachments for this user
+        for l1_url in attached:
+            await db.detach_renderer(username, l1_url)
+
    response = RedirectResponse(url="/", status_code=302)
    # Delete both legacy (no domain) and new (shared domain) cookies
    response.delete_cookie("auth_token")