session cookie cleared on client side for logout/deauth

2026-01-25 06:04:05 +00:00 · 2024-01-08 20:09:10 -07:00
parent 143391507e
commit 2225f5db49
2 changed files with 8 additions and 4 deletions
--- a/controllers/auth.js
+++ b/controllers/auth.js
@@ -135,10 +135,12 @@ const logout = async (req, res) => {
 		const delSession = req.session.destroy((err) => {
 			if (Object.keys(err).length) {
 				logger.error("Error while logging out", { err });
+				return res.sendStatus(500);
 			} else {
 				logger.info("Logged out.", { sessionID: delSession.id });
+				res.clearCookie("connect.sid");
+				return res.sendStatus(200);
 			}
-			return res.sendStatus(200);
 		})
 	} catch (error) {
 		logger.error('logout', { error });