misuzu/public-legacy/auth/logout.php

27 lines
802 B
PHP

<?php
namespace Misuzu;
use Misuzu\Auth\AuthTokenCookie;
if(!isset($msz) || !($msz instanceof \Misuzu\MisuzuContext))
die('Script must be called through the Misuzu route dispatcher.');
if($msz->authInfo->isLoggedIn) {
if(!CSRF::validateRequest()) {
Template::render('auth.logout');
return;
}
$tokenInfo = $msz->authInfo->tokenInfo;
$msz->authCtx->sessions->deleteSessions(sessionTokens: $tokenInfo->sessionToken);
$tokenBuilder = $tokenInfo->toBuilder();
$tokenBuilder->removeUserId();
$tokenBuilder->removeSessionToken();
$tokenBuilder->removeImpersonatedUserId();
$tokenInfo = $tokenBuilder->toInfo();
AuthTokenCookie::apply($msz->authCtx->createAuthTokenPacker()->pack($tokenInfo));
}
Tools::redirect($msz->urls->format('index'));;