signout

routers/sessions.go

@@ -128,7 +128,7 @@ func SessionsItemDelete(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// 獲取當前session
+	// 獲取當前 session
 	session := models.Session{ID: cookie.Value}
 	if err := configs.ORMDB().Find(&session).Error; err != nil {
 		w.WriteHeader(http.StatusUnauthorized)
@@ -158,6 +158,13 @@ func SessionsItemDelete(w http.ResponseWriter, r *http.Request) {
 		w.Write([]byte("404 - Not Found"))
 		return
 	}
+
+	// 如果目标 ssession_id 和当前 session_id 相同, 则清除 Cookie
+	if sessionx.ID == session.ID {
+		cookie := http.Cookie{Name: "session_id", Value: "", Path: "/", HttpOnly: true, MaxAge: -1}
+		http.SetCookie(w, &cookie)
+	}
+
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.Write(utils.ToJSON(sessionx))
 }