<?php
namespace Misuzu;

use Misuzu\Auth\AuthTokenCookie;

if($msz->authInfo->isLoggedIn) {
    if(!CSRF::validateRequest()) {
        Template::render('auth.logout');
        return;
    }

    $tokenInfo = $msz->authInfo->tokenInfo;
    $msz->authCtx->sessions->deleteSessions(sessionTokens: $tokenInfo->sessionToken);

    $tokenBuilder = $tokenInfo->toBuilder();
    $tokenBuilder->removeUserId();
    $tokenBuilder->removeSessionToken();
    $tokenBuilder->removeImpersonatedUserId();

    $tokenInfo = $tokenBuilder->toInfo();
    AuthTokenCookie::apply($tokenPacker->pack($tokenInfo));
}

Tools::redirect($msz->urls->format('index'));;