From 2225f5db49ed0bfa4f738f05df0f32a1f536605a Mon Sep 17 00:00:00 2001
From: Kaushik Narayan R
Date: Mon, 8 Jan 2024 20:09:10 -0700
Subject: [PATCH] session cookie cleared on client side for logout/deauth
---
 controllers/auth.js | 4 +++-
 middleware/authCheck.js | 8 +++++---
 2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/controllers/auth.js b/controllers/auth.js
index ec91b37..08a8677 100644
--- a/controllers/auth.js
+++ b/controllers/auth.js
@@ -135,10 +135,12 @@ const logout = async (req, res) => {
 const delSession = req.session.destroy((err) => {
 if (Object.keys(err).length) {
 logger.error("Error while logging out", { err });
+ return res.sendStatus(500);
 } else {
 logger.info("Logged out.", { sessionID: delSession.id });
+ res.clearCookie("connect.sid");
+ return res.sendStatus(200);
 }
- return res.sendStatus(200);
 })
 } catch (error) {
 logger.error('logout', { error });
diff --git a/middleware/authCheck.js b/middleware/authCheck.js
index 4337550..7ba27bf 100644
--- a/middleware/authCheck.js
+++ b/middleware/authCheck.js
@@ -13,12 +13,14 @@ const isAuthenticated = (req, res, next) => {
 next()
 } else {
 const delSession = req.session.destroy((err) => {
- if (err) {
+ if (Object.keys(err).length) {
 logger.error("Error while destroying session.", { err });
+ return res.status(500).send("Server error, try later.");
 } else {
- logger.info("Session destroyed.", { sessionID: delSession.id });
+ logger.info("Session invalid, destroyed.", { sessionID: delSession.id });
+ res.clearCookie("connect.sid");
+ return res.sendStatus(401);
 }
- return res.sendStatus(401);
 });
 }
 }
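Review bot: In the controllers/auth.js hunk, the added `res.clearCookie("connect.sid");` hard-codes the cookie name and passes no options, but a browser only drops a cookie when the name, path and domain match the ones it was set with. The session middleware configuration is not visible in this patch, so if it sets a custom `name`, `path` or `domain`, this call clears nothing and the old session id stays in the browser after logout. Taking both from the shared session config would keep them in step, e.g. `res.clearCookie(SESSION_COOKIE_NAME, sessionCookieOptions);` (placeholder names). The same call is added in middleware/authCheck.js, and the logout function starts and ends outside the hunk.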
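Review bot: In the middleware/authCheck.js hunk, the changed condition `if (Object.keys(err).length) {` misclassifies both outcomes of `req.session.destroy`. An `Error` instance normally has no enumerable own properties, so a real store failure gives length 0 and takes the else branch, which logs success, clears the cookie and returns 401 while the server-side session may still exist; and if the store calls back with `null` or `undefined` on success, `Object.keys` throws a TypeError inside the callback. The removed `if (err) {` handled both cases; if the store in use reports success as an empty object, `if (err && (err instanceof Error || Object.keys(err).length)) {` covers that as well. The logout callback in controllers/auth.js has the same test on a context line, so its new 500 branch is affected in the same way. isAuthenticated starts outside the hunk.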