fix(app/logout): always perform API logout + make API logout route public [EE-6198] (#10448)

* feat(api/logout): make logout route public * feat(app/logout): always perform API logout on /logout redirect * fix(app): send a logout event to AngularJS when axios hits a 401
2025-07-24 07:49:41 +02:00 · 2023-10-27 14:44:05 +02:00 · 2023-10-27 14:44:05 +02:00 · 9e60723e4d
commit 9e60723e4d
parent 47fa1626c6
8 changed files with 54 additions and 27 deletions
--- a/api/http/handler/auth/logout.go
+++ b/api/http/handler/auth/logout.go
@ -7,26 +7,29 @@ import (
 	"github.com/portainer/portainer/api/internal/logoutcontext"
 	httperror "github.com/portainer/portainer/pkg/libhttp/error"
 	"github.com/portainer/portainer/pkg/libhttp/response"
+	"github.com/rs/zerolog/log"
 )

 // @id Logout
 // @summary Logout
-// @description **Access policy**: authenticated
+// @description **Access policy**: public
 // @security ApiKeyAuth
 // @security jwt
 // @tags auth
 // @success 204 "Success"
 // @failure 500 "Server error"
 // @router /auth/logout [post]
+
 func (handler *Handler) logout(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	tokenData, err := security.RetrieveTokenData(r)
 	if err != nil {
-		return httperror.InternalServerError("Unable to retrieve user details from authentication token", err)
+		log.Warn().Err(err).Msg("unable to retrieve user details from authentication token")
 	}

-	handler.KubernetesTokenCacheManager.RemoveUserFromCache(tokenData.ID)
-
-	logoutcontext.Cancel(tokenData.Token)
+	if tokenData != nil {
+		handler.KubernetesTokenCacheManager.RemoveUserFromCache(tokenData.ID)
+		logoutcontext.Cancel(tokenData.Token)
+	}

 	return response.Empty(w)
 }