sso-clear returns 204 for iframe-based logout

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 12:21:14 +00:00
parent a93a456ac5
commit 9a637c6227
1 changed files with 2 additions and 3 deletions
--- a/infrastructure/oauth.py
+++ b/infrastructure/oauth.py
@@ -132,11 +132,10 @@ def create_oauth_blueprint(app_name: str) -> Blueprint:
    @bp.get("/sso-clear")
    @bp.get("/sso-clear/")
    async def sso_clear():
-        """Clear local session, then redirect to next app in logout chain."""
+        """Clear local session. Called via hidden iframe from account logout."""
        qsession.pop(SESSION_USER_KEY, None)
        qsession.pop("cart_sid", None)
-        next_url = request.args.get("next", "/")
-        return redirect(next_url)
+        return "", 204

    @bp.post("/logout")
    @bp.post("/logout/")