fix logout

package.json

@@ -10,10 +10,10 @@
     "astro": "astro"
   },
   "dependencies": {
-    "@astrojs/mdx": "4.0.3",
+    "@astrojs/mdx": "^4.2.3",
-    "@astrojs/node": "^9.0.0",
+    "@astrojs/node": "^9.1.3",
-    "@astrojs/react": "^4.2.0",
+    "@astrojs/react": "^4.2.3",
-    "@astrojs/tailwind": "5.1.4",
+    "@astrojs/tailwind": "^6.0.2",
     "@heroui/react": "^2.7.5",
     "@iconify-json/heroicons": "^1.2.2",
     "@iconify-json/mdi": "^1.2.3",
@@ -21,9 +21,9 @@
     "@types/highlight.js": "^10.1.0",
     "@types/js-yaml": "^4.0.9",
     "@types/lodash": "^4.17.15",
-    "@types/react": "^19.0.8",
+    "@types/react": "^19.1.0",
-    "@types/react-dom": "^19.0.3",
+    "@types/react-dom": "^19.1.1",
-    "astro": "5.1.1",
+    "astro": "^5.5.6",
     "astro-expressive-code": "^0.40.2",
     "astro-icon": "^1.1.5",
     "chart.js": "^4.4.7",
@@ -37,9 +37,9 @@
     "next": "^15.1.2",
     "pocketbase": "^0.25.1",
     "prismjs": "^1.29.0",
-    "react": "^19.0.0",
+    "react": "^19.1.0",
     "react-chartjs-2": "^5.3.0",
-    "react-dom": "^19.0.0",
+    "react-dom": "^19.1.0",
     "react-hot-toast": "^2.5.2",
     "react-icons": "^5.4.0",
     "rehype-expressive-code": "^0.40.2",

src/components/dashboard/SettingsSection/AccountSecuritySettings.tsx

@@ -59,16 +59,7 @@ export default function AccountSecuritySettings({
         checkAuth();
     }, []);
 
-    const handleLogout = async () => {
+    // No logout functions needed here as logout is handled in the dashboard menu
-        try {
-            await logger.send('logout', 'auth', 'User manually logged out from settings page');
-            await auth.logout();
-            window.location.href = '/';
-        } catch (error) {
-            console.error('Error during logout:', error);
-            toast.error('Failed to log out. Please try again.');
-        }
-    };
 
     const detectBrowser = (userAgent: string): string => {
         if (userAgent.indexOf('Chrome') > -1) return 'Chrome';
@@ -179,17 +170,13 @@ export default function AccountSecuritySettings({
                     <h4 className="font-semibold text-lg mb-2">Account Actions</h4>
 
                     <div className="space-y-4">
-                        <button
-                            onClick={handleLogout}
-                            className="btn btn-error btn-outline w-full md:w-auto"
-                        >
-                            Sign Out
-                        </button>
-
                         <p className="text-sm text-warning p-3 bg-warning bg-opacity-10 rounded-lg">
                             If you need to delete your account or have other account-related issues,
                             please contact an IEEE UCSD administrator.
                         </p>
+                        <p className="text-sm text-info p-3 bg-info bg-opacity-10 rounded-lg">
+                            To log out of your account, use the Logout option in the dashboard menu.
+                        </p>
                     </div>
                 </div>
             </div>

src/pages/api/logout.ts

@@ -0,0 +1,79 @@
+import type { APIRoute } from "astro";
+
+// Mark this endpoint as server-rendered, not static
+export const prerender = false;
+
+export const GET: APIRoute = async ({ request, redirect }) => {
+  try {
+    // Get the Logto endpoint and client ID from environment variables
+    const logtoEndpoint = import.meta.env.LOGTO_ENDPOINT;
+    const clientId = import.meta.env.LOGTO_POCKETBASE_APP_ID;
+
+    if (!logtoEndpoint) {
+      throw new Error("LOGTO_ENDPOINT environment variable is not set");
+    }
+
+    if (!clientId) {
+      throw new Error(
+        "LOGTO_POCKETBASE_APP_ID environment variable is not set",
+      );
+    }
+
+    // Get the current origin to use as the redirect URL
+    const url = new URL(request.url);
+    const origin = url.origin;
+
+    // Construct the redirect URL (back to dashboard)
+    const redirectUrl = `${origin}/dashboard`;
+
+    // Log the redirect URL for debugging
+    console.log(`Setting post-logout redirect to: ${redirectUrl}`);
+    console.log(`Using client ID: ${clientId}`);
+
+    // Make a POST request to the Logto session end endpoint with the redirect in the body
+    const logoutUrl = `${logtoEndpoint}/oidc/session/end`;
+
+    try {
+      // Try to make a POST request with the redirect in the body and client ID
+      const response = await fetch(logoutUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/x-www-form-urlencoded",
+        },
+        body: new URLSearchParams({
+          post_logout_redirect_uri: redirectUrl,
+          client_id: clientId,
+        }),
+        redirect: "manual", // Don't automatically follow redirects
+      });
+
+      // If we get a redirect response, follow it
+      if (response.status >= 300 && response.status < 400) {
+        const location = response.headers.get("Location");
+        if (location) {
+          console.log(`Received redirect to: ${location}`);
+          return redirect(location);
+        }
+      }
+
+      // If POST doesn't work, fall back to the query parameter approach
+      console.log(
+        "POST request didn't result in expected redirect, falling back to GET",
+      );
+      return redirect(
+        `${logoutUrl}?post_logout_redirect_uri=${encodeURIComponent(redirectUrl)}&client_id=${encodeURIComponent(clientId)}`,
+      );
+    } catch (fetchError) {
+      console.error("Error making POST request to Logto:", fetchError);
+      // Fall back to the query parameter approach
+      return redirect(
+        `${logoutUrl}?post_logout_redirect_uri=${encodeURIComponent(redirectUrl)}&client_id=${encodeURIComponent(clientId)}`,
+      );
+    }
+  } catch (error) {
+    console.error("Error in logout API:", error);
+
+    // If there's an error, redirect to dashboard anyway
+    return redirect("/dashboard");
+  }
+};