diff --git a/internal/customer/service.go b/internal/customer/service.go index 78b53d9..eb0d11a 100644 --- a/internal/customer/service.go +++ b/internal/customer/service.go @@ -779,18 +779,37 @@ func (s *customerService) GetProfileWithCompanies(ctx context.Context, customerI // Logout handles customer logout func (s *customerService) Logout(ctx context.Context, customerID string, accessToken string) error { s.logger.Info("Customer logout", map[string]interface{}{ - "customer_id": customerID, - "access_token": accessToken[:10] + "...", // Log only first 10 chars for security + "customer_id": customerID, }) + // get customer by id + customer, err := s.repository.GetByID(ctx, customerID) + if err != nil { + s.logger.Error("Failed to get customer for logout", map[string]interface{}{ + "error": err.Error(), + "customer_id": customerID, + }) + } + // Invalidate the access token - err := s.authService.InvalidateToken(accessToken) + err = s.authService.InvalidateToken(accessToken) if err != nil { s.logger.Error("Failed to invalidate access token", map[string]interface{}{ "error": err.Error(), "customer_id": customerID, }) // Don't return error here as the customer should still be logged out + return errors.New("failed to invalidate access token") + } + + // delete device token from customer + customer.DeviceToken = make([]string, 0) + err = s.repository.Update(ctx, customer) + if err != nil { + s.logger.Error("Failed to update customer device token", map[string]interface{}{ + "error": err.Error(), + "customer_id": customerID, + }) } s.logger.Info("Customer logout successful", map[string]interface{}{ diff --git a/internal/user/service.go b/internal/user/service.go index d1b6a82..15dc7f4 100644 --- a/internal/user/service.go +++ b/internal/user/service.go @@ -632,14 +632,33 @@ func (s *userService) UpdateRole(ctx context.Context, id string, form *UpdateUse // Logout logs out a user and invalidates tokens func (s *userService) Logout(ctx context.Context, userID string, accessToken string) error { + // get user by id + user, err := s.repository.GetByID(ctx, userID) + if err != nil { + s.logger.Error("Failed to get user for logout", map[string]interface{}{ + "error": err.Error(), + "user_id": userID, + }) + } + // Invalidate the access token - err := s.authService.InvalidateToken(accessToken) + err = s.authService.InvalidateToken(accessToken) if err != nil { s.logger.Error("Failed to invalidate access token", map[string]interface{}{ "error": err.Error(), "user_id": userID, }) - // Don't return error here as the user should still be logged out + return errors.New("failed to invalidate access token") + } + + // delete device token from user + user.DeviceToken = make([]string, 0) + err = s.repository.Update(ctx, user) + if err != nil { + s.logger.Error("Failed to update user device token", map[string]interface{}{ + "error": err.Error(), + "user_id": userID, + }) } s.logger.Info("User logged out successfully", map[string]interface{}{