From 163b0f9edce341aacc838dab987bbbbfb0504682 Mon Sep 17 00:00:00 2001 From: Eli Ribble Date: Thu, 16 Apr 2026 19:50:23 +0000 Subject: [PATCH] Destroy the session on signout Kill it with fire --- auth/auth.go | 1 + 1 file changed, 1 insertion(+) diff --git a/auth/auth.go b/auth/auth.go index dadc6f13..bb22736e 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -152,6 +152,7 @@ func SigninUser(r *http.Request, username string, password string) (*platform.Us func SignoutUser(r *http.Request, user platform.User) { sessionManager.Put(r.Context(), "user_id", "") sessionManager.Put(r.Context(), "username", "") + sessionManager.Destroy(r.Context()) log.Info().Str("username", user.Username).Int("user_id", (user.ID)).Msg("Ended user session") }