<?php
namespace Misuzu;

use Misuzu\Auth\AuthTokenCookie;

if($msz->isLoggedIn()) {
    if(!CSRF::validateRequest()) {
        Template::render('auth.logout');
        return;
    }

    $tokenInfo = $msz->getAuthInfo()->getTokenInfo();

    $msz->getSessions()->deleteSessions(sessionTokens: $tokenInfo->getSessionToken());

    $tokenBuilder = $tokenInfo->toBuilder();
    $tokenBuilder->removeUserId();
    $tokenBuilder->removeSessionToken();
    $tokenBuilder->removeImpersonatedUserId();
    $tokenInfo = $tokenBuilder->toInfo();

    AuthTokenCookie::apply($tokenPacker->pack($tokenInfo));
}

url_redirect('index');