Feat: signout endpoint

components/index.html

@@ -4,8 +4,11 @@
 	{{ else if ne .LinkLogin "" }}
 		{{template "linklogin" .LinkLogin}}
 	{{ else if not .State.RoomID }}
-		<div id="hello-user" class="text-xl py-2">
+		<div id="hello-user" class="flex text-xl justify-center space-x-8 py-2">
 			<p>Hello {{.State.Username}}</p>
+			<div>
+			<a href="/signout"><button class="bg-amber-100 text-black px-4 py-2 rounded">signout</button></a>
+			</div>
 		</div>
 		<div id="create-room" class="create-room-div">
 		    <button button id="create-form-btn" type="submit" class="justify-center rounded-md bg-indigo-600 px-3 py-1.5 text-sm font-semibold leading-6 text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600" hx-get="/room/createform" hx-swap="outerHTML">SHOW ROOM CREATE FORM</button>

handlers/auth.go

@@ -79,13 +79,6 @@ func HandleFrontLogin(w http.ResponseWriter, r *http.Request) {
 	// make sure username does not exists
 	cleanName := utils.RemoveSpacesFromStr(username)
 	clearPass := utils.RemoveSpacesFromStr(password)
-	// login user
-	cookie, err := makeCookie(cleanName, r.RemoteAddr)
-	if err != nil {
-		log.Error("failed to login", "error", err)
-		abortWithError(w, err.Error())
-		return
-	}
 	// check if that user was already in db
 	userstate, err := repo.PlayerGetByName(r.Context(), cleanName)
 	if err != nil || userstate == nil {
@@ -99,6 +92,13 @@ func HandleFrontLogin(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
+	// login user
+	cookie, err := makeCookie(cleanName, r.RemoteAddr)
+	if err != nil {
+		log.Error("failed to login", "error", err)
+		abortWithError(w, err.Error())
+		return
+	}
 	http.SetCookie(w, cookie)
 	fi := &models.FullInfo{
 		State: userstate,
@@ -190,3 +190,23 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
 	}
 	return cookie, nil
 }
+
+func HandleSignout(w http.ResponseWriter, r *http.Request) {
+	cookie := &http.Cookie{
+		Name:     "session_token",
+		Value:    "",
+		Path:     "/",
+		MaxAge:   -1,
+		HttpOnly: true,
+	}
+	cookie.Secure = true
+	cookie.SameSite = http.SameSiteNoneMode
+	if strings.Contains(r.RemoteAddr, "192.168.0") {
+		cookie.Domain = "192.168.0.100"
+		cookie.SameSite = http.SameSiteLaxMode
+		cookie.Secure = false
+		log.Info("changing cookie domain for signout", "domain", cookie.Domain)
+	}
+	http.SetCookie(w, cookie)
+	http.Redirect(w, r, "/", http.StatusFound)
+}

main.go

@@ -69,6 +69,7 @@ func ListenToRequests(port string) *http.Server {
 	mux.HandleFunc("GET /ping", handlers.HandlePing)
 	mux.HandleFunc("GET /", handlers.HandleHome)
 	mux.HandleFunc("POST /login", handlers.HandleFrontLogin)
+	mux.HandleFunc("GET /signout", handlers.HandleSignout)
 	mux.HandleFunc("POST /join-team", handlers.HandleJoinTeam)
 	mux.HandleFunc("GET /end-turn", handlers.HandleEndTurn)
 	mux.HandleFunc("POST /room-create", handlers.HandleCreateRoom)