feat(frontend): ✨ Implement glitch-soc logout

packages/glitch-server/main.ts

@@ -116,6 +116,12 @@ export const handleGlitchRequest = async (
         path = "/auth/sign_in.html";
     }
 
+    if (path === "/auth/sign_out") {
+        if (req.method === "POST") {
+            return redirect("/api/auth/mastodon-logout", 307);
+        }
+    }
+
     // Redirect / to /index.html
     if (path === "/" || path === "") path = "/index.html";
     // If path doesn't have an extension (e.g. /about), serve index.html

server/api/api/auth/mastodon-login/index.ts

@@ -13,7 +13,7 @@ export const meta = applyConfig({
         max: 4,
         duration: 60,
     },
-    route: "/api/auth/login",
+    route: "/api/auth/mastodon-logout",
     auth: {
         required: false,
     },

server/api/api/auth/mastodon-logout/index.ts

@@ -0,0 +1,36 @@
+import { randomBytes } from "node:crypto";
+import { apiRoute, applyConfig } from "@api";
+import { z } from "zod";
+import { TokenType } from "~database/entities/Token";
+import { findFirstUser } from "~database/entities/User";
+import { db } from "~drizzle/db";
+import { token } from "~drizzle/schema";
+import { config } from "~packages/config-manager";
+
+export const meta = applyConfig({
+    allowedMethods: ["POST"],
+    ratelimits: {
+        max: 4,
+        duration: 60,
+    },
+    route: "/api/auth/mastodon-logout",
+    auth: {
+        required: false,
+    },
+});
+
+/**
+ * Mastodon-FE logout route
+ */
+export default apiRoute(async (req, matchedRoute, extraData) => {
+    // Redirect to home
+    return new Response(null, {
+        headers: {
+            Location: "/",
+            "Set-Cookie": `_session_id=; Domain=${
+                new URL(config.http.base_url).hostname
+            }; SameSite=Lax; Path=/; HttpOnly; Max-Age=0; Expires=${new Date().toUTCString()}`,
+        },
+        status: 303,
+    });
+});