Skip to content

fix: resolve 404 on logout by creating missing API route#818

Open
johdanike wants to merge 3 commits into
Ogstevyn:mainfrom
johdanike:fix/660-missing-logout-route
Open

fix: resolve 404 on logout by creating missing API route#818
johdanike wants to merge 3 commits into
Ogstevyn:mainfrom
johdanike:fix/660-missing-logout-route

Conversation

@johdanike
Copy link
Copy Markdown
Contributor

@johdanike johdanike commented May 29, 2026

Description:

Related Issue(s)
Closes #660

Summary of Changes
This PR fixes a critical bug where users were unable to properly sign out of the application. The frontend EmailAuthContext was attempting to call POST /api/auth/logout, but the route did not exist, resulting in a 404 error and leaving the user's server-side session active. This introduces the missing endpoint to securely destroy the HTTP-only JWT cookie.

Backend / Core Logic:

app/api/auth/logout/route.ts: Created the missing endpoint. It utilizes the Next.js cookies() API to securely delete the token cookie and returns a { success: true } payload.

Test Suite:

__tests__/api/auth/logout.test.ts: Added a new test suite to verify the logout functionality. It successfully mocks next/headers to confirm that the cookie deletion method is explicitly called on the correct token.

johdanike added 2 commits May 29, 2026 11:57
@johdanike
feat(auth): implement email verification flow on signup
5078ea6 
- Set  by default for all new user signups.
- Generate and store a 24-hour verification token upon account creation.
- Create  route to validate tokens and update status.
- Build  frontend page to handle token processing and redirect.
- Restrict escrow creation API and UI to users with verified emails.

Closes Ogstevyn#183
@johdanike
fix(auth): resolve 404 on logout by creating missing API route
3abdadb 
- Create `POST /api/auth/logout` endpoint.
- Clear JWT authentication cookie server-side using Next.js headers.
- Return standard JSON success response for the frontend context.
- Add Vitest test suite to verify cookie deletion behavior.

Closes Ogstevyn#163
@vercel
Copy link
Copy Markdown

vercel Bot commented May 29, 2026

@johdanike is attempting to deploy a commit to the Stephen's projects Team on Vercel.

A member of the Team first needs to authorize it.

@drips-wave
Copy link
Copy Markdown

drips-wave Bot commented May 29, 2026

@johdanike Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Issue #163] Bug: Missing /api/auth/logout Route Causes 404 on Logout

1 participant

@johdanike