import { connectDB } from '../../utils/mongoose.js'
import Member from '../../models/member.js'
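/**
 * Logout handler.
 *
 * Bumps the member's `tokenVersion` and expires the `auth-token` cookie.
 * Bumping the counter is meant to invalidate every session token issued so
 * far; that only holds if the token check compares each token against the
 * stored `tokenVersion` (done outside this file — confirm in `requireAuth`).
 *
 * The cookie is cleared and the same success body is returned whether or not
 * the caller was authenticated, so the response does not reveal session state.
 *
 * @param {object} event - Request event handed to the handler by the framework.
 * @returns {Promise<{ message: string }>} Fixed confirmation payload.
 */
export default defineEventHandler(async (event) => {
  await connectDB()

  // Resolve the caller separately from the revocation write so that a failed
  // write is not mistaken for "nobody was logged in".
  let member = null
  try {
    member = await requireAuth(event)
  } catch {
    // Already unauthenticated — still clear the cookie
  }

  if (member) {
    try {
      // Increment tokenVersion to invalidate all outstanding session tokens
      await Member.findByIdAndUpdate(member._id, { $inc: { tokenVersion: 1 } }, { runValidators: false })
    } catch (err) {
      // Logout stays best-effort, but a failed revocation must be visible:
      // clearing the cookie only affects this browser, so any copy of the
      // token held elsewhere keeps working until tokenVersion changes.
      console.error('Logout: tokenVersion increment failed; previously issued tokens may still be valid', err)
    }
  }

  // Expire the cookie immediately (maxAge: 0). The remaining attributes should
  // match the ones used when the cookie was set so the browser replaces the
  // same cookie — NOTE(review): confirm against the login handler.
  setCookie(event, 'auth-token', '', {
    httpOnly: true,
    secure: process.env.NODE_ENV === 'production',
    sameSite: 'lax',
    path: '/',
    maxAge: 0,
  })

  return { message: 'Logged out successfully' }
})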