Improve logout

2 files changed, 16 insertions, 6 deletions

diff --git a/main.go b/main.go
index a5de4dc..174a610 100644
--- a/main.go
+++ b/main.go
@@ -87,13 +87,17 @@ func (app *App) loginHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 func (app *App) logoutHandler(w http.ResponseWriter, r *http.Request) {
-	c := http.Cookie{
-		Name:   "id",
-		Value:  "",
-		Domain: "." + app.Domain,
-		MaxAge: 0,
+	if s, ok := app.validate(r); ok {
+		// should we save old sessions in another table?
+		app.DeleteSession(s.Id)
+		c := http.Cookie{
+			Name:   "id",
+			Value:  "",
+			Domain: "." + app.Domain,
+			MaxAge: -1,
+		}
+		http.SetCookie(w, &c)
 	}
-	http.SetCookie(w, &c)
 	http.Redirect(w, r, "/login", http.StatusSeeOther)
 }
 
diff --git a/store.go b/store.go
index 89698ea..5e76cfc 100644
--- a/store.go
+++ b/store.go
@@ -24,6 +24,7 @@ type Store interface {
 	GetSession(id string) (*Session, bool)
 	NewSession(userId int64) *Session
 	GetUser(name string) (*User, bool)
+	DeleteSession(id string)
 }
 
 type PgStore struct {
@@ -66,6 +67,11 @@ func (store *PgStore) NewSession(userId int64) *Session {
 	return s
 }
 
+func (store *PgStore) DeleteSession(id string) {
+	store.Query("DELETE FROM sessions WHERE id = $1", id)
+	delete(store.sessionCache, id)
+}
+
 func (store *PgStore) GetUser(name string) (*User, bool) {
 	u := &User{Name: name}
 	row := store.QueryRow(