From e9b739bef6a76545209039ca7efba1849f9038bd Mon Sep 17 00:00:00 2001
From: Roland Bewick <roland.bewick@gmail.com>
Date: Fri, 16 Aug 2024 15:13:13 +0700
Subject: [PATCH] feat: add logout route

---
 frontend/src/components/layouts/AppLayout.tsx | 10 ++++++++--
 frontend/vite.config.ts                       |  4 ++++
 http/http_service.go                          | 14 ++++++++++++++
 3 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/frontend/src/components/layouts/AppLayout.tsx b/frontend/src/components/layouts/AppLayout.tsx
index 303aa851..2912eb6a 100644
--- a/frontend/src/components/layouts/AppLayout.tsx
+++ b/frontend/src/components/layouts/AppLayout.tsx
@@ -71,8 +71,14 @@ export default function AppLayout() {
   const logout = React.useCallback(async () => {
     deleteAuthToken();
     await refetchInfo();
-    navigate("/", { replace: true });
-    toast({ title: "You are now logged out." });
+
+    const isHttpMode = window.location.protocol.startsWith("http");
+    if (isHttpMode) {
+      window.location.href = "/logout";
+    } else {
+      navigate("/", { replace: true });
+      toast({ title: "You are now logged out." });
+    }
   }, [navigate, refetchInfo, toast]);
 
   const isHttpMode = window.location.protocol.startsWith("http");
diff --git a/frontend/vite.config.ts b/frontend/vite.config.ts
index d52c9f67..a24b46b5 100644
--- a/frontend/vite.config.ts
+++ b/frontend/vite.config.ts
@@ -52,6 +52,10 @@ export default defineConfig(({ command }) => ({
         target: "http://localhost:8080",
         secure: false,
       },
+      "/logout": {
+        target: "http://localhost:8080",
+        secure: false,
+      },
     },
   },
   resolve: {
diff --git a/http/http_service.go b/http/http_service.go
index 52aa03a2..a4766149 100644
--- a/http/http_service.go
+++ b/http/http_service.go
@@ -63,6 +63,10 @@ func (httpSvc *HttpService) RegisterSharedRoutes(e *echo.Echo) {
 		XFrameOptions:         "DENY",
 		ContentSecurityPolicy: "default-src 'self'; img-src 'self' https://uploads.getalby-assets.com https://getalby.com;",
 		ReferrerPolicy:        "no-referrer",
+		Skipper: func(c echo.Context) bool {
+			// only serve the react app on the root
+			return c.Path() != "/"
+		},
 	}))
 	e.Use(middleware.RequestLoggerWithConfig(middleware.RequestLoggerConfig{
 		LogURI:       true,
@@ -97,6 +101,7 @@ func (httpSvc *HttpService) RegisterSharedRoutes(e *echo.Echo) {
 	e.POST("/api/unlock", httpSvc.unlockHandler, unlockRateLimiter)
 	e.PATCH("/api/unlock-password", httpSvc.changeUnlockPasswordHandler, unlockRateLimiter)
 	e.POST("/api/backup", httpSvc.createBackupHandler, unlockRateLimiter)
+	e.GET("/logout", httpSvc.logoutHandler, unlockRateLimiter)
 
 	frontend.RegisterHandlers(e)
 
@@ -936,6 +941,15 @@ func (httpSvc *HttpService) getLogOutputHandler(c echo.Context) error {
 	return c.JSON(http.StatusOK, getLogResponse)
 }
 
+func (httpSvc *HttpService) logoutHandler(c echo.Context) error {
+	redirectUrl := httpSvc.cfg.GetEnv().FrontendUrl
+	if redirectUrl == "" {
+		redirectUrl = httpSvc.cfg.GetEnv().BaseUrl
+	}
+
+	return c.Redirect(http.StatusFound, redirectUrl)
+}
+
 func (httpSvc *HttpService) createBackupHandler(c echo.Context) error {
 	var backupRequest api.BasicBackupRequest
 	if err := c.Bind(&backupRequest); err != nil {