From 4a0eed2fc6921c1f48d588f3c0e9db49f0108cdf Mon Sep 17 00:00:00 2001
From: Hayden Hargreaves <hhargreaves2006@gmail.com>
Date: Sun, 15 Jun 2025 20:16:07 -0700
Subject: [PATCH] (FEAT): Logout API in place.

---
 internal/app/handlers/auth_handler.go | 16 ++++++++++++++++
 internal/app/server/server.go         |  3 ++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/internal/app/handlers/auth_handler.go b/internal/app/handlers/auth_handler.go
index f30df23..2d7f1bb 100644
--- a/internal/app/handlers/auth_handler.go
+++ b/internal/app/handlers/auth_handler.go
@@ -8,6 +8,8 @@ import (
 	domain "github.com/haydenhargreaves/Potion/internal/domain/server"
 )
 
+// GoogleLogin directs the user to Googles select user login page. Once the user has selected an
+// account, they will be directed to the GoogleCallback handler where the main logic resides.
 func GoogleLogin(ctx *gin.Context) {
 	deps := ctx.MustGet("deps").(*domain.InjectedDependencies)
 	url := deps.AuthService.GetGoogleAuthUrl()
@@ -15,6 +17,13 @@ func GoogleLogin(ctx *gin.Context) {
 	ctx.Redirect(http.StatusSeeOther, url)
 }
 
+// GoogleCallback is the callback handler when the user successfully logs in with their Google
+// account. They will be directed here and a JWT is generated. This JWT is stored in the users
+// cookies and will be used by protected routes to validate their login status.
+//
+// TODO: This route does not do the proper handling, need to work on the redirection or handling.
+//
+// We do not need to return all of this data, it is just for testing.
 func GoogleCallback(ctx *gin.Context) {
 	deps := ctx.MustGet("deps").(*domain.InjectedDependencies)
 
@@ -40,3 +49,10 @@ func GoogleCallback(ctx *gin.Context) {
 		ctx.JSON(http.StatusOK, gin.H{"jwt": jwt, "googleUserInfo": googleUserInfo, "dbUser": dbUser})
 	}
 }
+
+// Logout removes the token from the user's browser. Effectively "logging them out." Routes that
+// require authentication will require the user to sign back in before accessing them again.
+func Logout(ctx *gin.Context) {
+	// TODO: Use same values as the GoogleCallback function
+	ctx.SetCookie("jwt_token", "", -1, "/", "localhost", false, true)
+}
diff --git a/internal/app/server/server.go b/internal/app/server/server.go
index da62425..99f2d9b 100644
--- a/internal/app/server/server.go
+++ b/internal/app/server/server.go
@@ -144,9 +144,10 @@ func (s *Server) Setup() *Server {
 	// WEB router endpoints
 	router_web.GET("/login", handlers.LoginPage)
 
-	// Google oauth
+	// Authentication
 	router_api.GET("/auth/login", handlers.GoogleLogin)
 	router_api.GET("/auth/callback", handlers.GoogleCallback)
+	router_api.GET("/auth/logout", handlers.Logout)
 
 	return s
 }