gendesign/frontend/src/lib/logout.ts
bot-backend a9dfe44f5c
All checks were successful
CI / changes (pull_request) Successful in 7s
CI / backend-tests (pull_request) Has been skipped
CI / frontend-tests (pull_request) Successful in 51s
CI / openapi-codegen-check (pull_request) Successful in 1m56s
fix(tradein/auth): always-available logout button on NoAccessScreen
Locked/no-access users (403/denied path/expired session/trial ended) were
trapped: NoAccessScreen had no logout control, and «Выйти» lived only inside
UserMenu, which does not render on the no-access screen. They could not switch
accounts without clearing browser basic-auth manually.

- Extract logout() into shared `lib/logout.ts` (single source of truth).
- UserMenu now imports it instead of a local copy (behaviour unchanged).
- NoAccessScreen renders an always-available «Выйти» accent button for every
  variant.

Mirrored across both frontends (tradein-mvp/frontend + main frontend) to keep
the MIRROR invariant in sync.
2026-06-27 15:16:42 +03:00

25 lines
941 B
TypeScript
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/**
* Logout — invalidate basic_auth cache + reload.
*
* Trick: fetch на защищённый endpoint с явно неверным Basic-токеном.
* Caddy ответит 401 (because creds wrong) → браузер выкинет старые cached
* creds для этого origin. Затем hard reload — Caddy снова запросит basic_auth
* prompt, потому что cached creds invalidated.
*
* Это работает в Safari/Chrome/Firefox; legacy `ClearAuthenticationCache`
* не нужен.
*/
export async function logout(): Promise<void> {
try {
await fetch("/api/v1/me", {
headers: {
Authorization: "Basic " + btoa("logout:logout"),
},
cache: "no-store",
});
} catch {
// Сетевая ошибка — всё равно делаем hard reload.
}
// Hard reload форсит новый basic_auth handshake.
window.location.href = "/";
}