Merge pull request #12842 from overleaf/jpa-logout

[web] remove GET /logout endpoints

GitOrigin-RevId: 93f9498fdb66ece5028d90941aac50cda2737604

services/web/app/src/Features/User/UserPagesController.js

@@ -60,7 +60,9 @@ async function settingsPage(req, res) {
   const user = await UserGetter.promises.getUser(userId)
   if (!user) {
     // The user has just deleted their account.
-    return res.redirect('/logout')
+    return UserSessionsManager.revokeAllUserSessions({ _id: userId }, [], () =>
+      res.redirect('/')
+    )
   }
   res.render('user/settings', {
     title: 'account_settings',
@@ -151,10 +153,6 @@ const UserPagesController = {
     res.render('user/one_time_login')
   },
 
-  logoutPage(req, res) {
-    res.render('user/logout')
-  },
-
   renderReconfirmAccountPage(req, res) {
     const pageData = {
       reconfirm_email: req.session.reconfirm_email,

services/web/app/src/router.js

@@ -263,7 +263,6 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) {
     '/read-only/one-time-login'
   )
 
-  webRouter.get('/logout', UserPagesController.logoutPage)
   webRouter.post('/logout', UserController.logout)
 
   webRouter.get('/restricted', AuthorizationMiddleware.restricted)

services/web/app/views/user/logout.pug

@@ -1,24 +0,0 @@
-extends ../layout-marketing
-
-block content
-	.content.content-alt
-		main.login-register-container#main-content
-			.card.login-register-card
-				.login-register-header
-					h1.login-register-header-heading #{translate("log_out")}
-				form.login-register-form(
-					data-ol-async-form,
-					name="logoutForm",
-					action='/logout',
-					method="POST"
-					data-ol-auto-submit
-				)
-					input(name='_csrf', type='hidden', value=csrfToken)
-					+formMessages()
-					.actions
-						button#submit-logout.btn-primary.btn.btn-block(
-							data-ol-disabled-inflight,
-							type='submit'
-						)
-							span(data-ol-inflight="idle" aria-label=translate('log_out')) #{translate('log_out')}
-							span(hidden data-ol-inflight="pending" aria-label=translate("logging_out")) #{translate('logging_out')}…

services/web/frontend/js/features/settings/components/leave/modal-form.tsx

@@ -55,7 +55,7 @@ function LeaveModalForm({
       },
     })
       .then(() => {
-        location.assign('/login')
+        location.assign('/')
       })
       .catch(setError)
       .finally(() => {

services/web/locales/en.json

@@ -850,7 +850,6 @@
   "log_viewer_error": "There was a problem displaying this project’s compilation errors and logs.",
   "logged_in_with_email": "You are currently logged in to <b>__appName__</b> with the email <b>__email__</b>.",
   "logging_in": "Logging in",
-  "logging_out": "Logging out",
   "login": "Login",
   "login_error": "Login error",
   "login_failed": "Login failed",

services/web/test/frontend/features/settings/components/leave/modal-form.test.tsx

@@ -89,7 +89,7 @@ describe('<LeaveModalForm />', function () {
         sinon.assert.calledTwice(setInFlight)
         sinon.assert.calledWithMatch(setInFlight, false)
         sinon.assert.calledOnce(assignStub)
-        sinon.assert.calledWith(assignStub, '/login')
+        sinon.assert.calledWith(assignStub, '/')
       })
     })
 

services/web/test/smoke/src/steps/002_login.js

@@ -22,7 +22,7 @@ async function run({ assertHasStatusCode, loginCsrfToken, request }) {
 }
 
 async function cleanup({ assertHasStatusCode, getCsrfTokenFor, request }) {
-  const logoutCsrfToken = await getCsrfTokenFor('/logout')
+  const logoutCsrfToken = await getCsrfTokenFor('/project')
   const response = await request('/logout', {
     method: 'POST',
     headers: {