From 735a80803857f9b26d47c2b637e5eab341a6da8b Mon Sep 17 00:00:00 2001 From: "n.nakhostin" Date: Wed, 1 Oct 2025 13:01:52 +0330 Subject: [PATCH] Enhance Customer Logout Functionality with Improved Error Handling and Device Token Management - Updated the Logout method in customer service to retrieve the customer by ID before invalidating the access token, enhancing error logging for failed retrievals. - Added error handling for the access token invalidation process, ensuring a clear error message is returned if it fails. - Implemented logic to clear the device token upon logout, updating the customer record accordingly and logging any errors during the update process. - Improved logging for successful and failed logout operations to enhance traceability. --- internal/customer/service.go | 25 ++++++++++++++++++++++--- internal/user/service.go | 23 +++++++++++++++++++++-- 2 files changed, 43 insertions(+), 5 deletions(-) diff --git a/internal/customer/service.go b/internal/customer/service.go index 78b53d9..eb0d11a 100644 --- a/internal/customer/service.go +++ b/internal/customer/service.go @@ -779,18 +779,37 @@ func (s *customerService) GetProfileWithCompanies(ctx context.Context, customerI // Logout handles customer logout func (s *customerService) Logout(ctx context.Context, customerID string, accessToken string) error { s.logger.Info("Customer logout", map[string]interface{}{ - "customer_id": customerID, - "access_token": accessToken[:10] + "...", // Log only first 10 chars for security + "customer_id": customerID, }) + // get customer by id + customer, err := s.repository.GetByID(ctx, customerID) + if err != nil { + s.logger.Error("Failed to get customer for logout", map[string]interface{}{ + "error": err.Error(), + "customer_id": customerID, + }) + } + // Invalidate the access token - err := s.authService.InvalidateToken(accessToken) + err = s.authService.InvalidateToken(accessToken) if err != nil { s.logger.Error("Failed to invalidate access token", map[string]interface{}{ "error": err.Error(), "customer_id": customerID, }) // Don't return error here as the customer should still be logged out + return errors.New("failed to invalidate access token") + } + + // delete device token from customer + customer.DeviceToken = make([]string, 0) + err = s.repository.Update(ctx, customer) + if err != nil { + s.logger.Error("Failed to update customer device token", map[string]interface{}{ + "error": err.Error(), + "customer_id": customerID, + }) } s.logger.Info("Customer logout successful", map[string]interface{}{ diff --git a/internal/user/service.go b/internal/user/service.go index d1b6a82..15dc7f4 100644 --- a/internal/user/service.go +++ b/internal/user/service.go @@ -632,14 +632,33 @@ func (s *userService) UpdateRole(ctx context.Context, id string, form *UpdateUse // Logout logs out a user and invalidates tokens func (s *userService) Logout(ctx context.Context, userID string, accessToken string) error { + // get user by id + user, err := s.repository.GetByID(ctx, userID) + if err != nil { + s.logger.Error("Failed to get user for logout", map[string]interface{}{ + "error": err.Error(), + "user_id": userID, + }) + } + // Invalidate the access token - err := s.authService.InvalidateToken(accessToken) + err = s.authService.InvalidateToken(accessToken) if err != nil { s.logger.Error("Failed to invalidate access token", map[string]interface{}{ "error": err.Error(), "user_id": userID, }) - // Don't return error here as the user should still be logged out + return errors.New("failed to invalidate access token") + } + + // delete device token from user + user.DeviceToken = make([]string, 0) + err = s.repository.Update(ctx, user) + if err != nil { + s.logger.Error("Failed to update user device token", map[string]interface{}{ + "error": err.Error(), + "user_id": userID, + }) } s.logger.Info("User logged out successfully", map[string]interface{}{