
Api logout route (#361)

* Add logout route that deletes http only cookies

* Rebuild API
Matthias Rupp %!s(int64=3) %!d(string=hai) anos
pai
achega
bef1e2e3db

+ 3 - 0
mobile/openapi/.openapi-generator/FILES

@@ -29,6 +29,7 @@ doc/DeviceTypeEnum.md
 doc/ExifResponseDto.md
 doc/LoginCredentialDto.md
 doc/LoginResponseDto.md
+doc/LogoutResponseDto.md
 doc/RemoveAssetsDto.md
 doc/SearchAssetDto.md
 doc/ServerInfoApi.md
@@ -84,6 +85,7 @@ lib/model/device_type_enum.dart
 lib/model/exif_response_dto.dart
 lib/model/login_credential_dto.dart
 lib/model/login_response_dto.dart
+lib/model/logout_response_dto.dart
 lib/model/remove_assets_dto.dart
 lib/model/search_asset_dto.dart
 lib/model/server_info_response_dto.dart
@@ -99,3 +101,4 @@ lib/model/user_count_response_dto.dart
 lib/model/user_response_dto.dart
 lib/model/validate_access_token_response_dto.dart
 pubspec.yaml
+test/logout_response_dto_test.dart

+ 2 - 0
mobile/openapi/README.md

@@ -89,6 +89,7 @@ Class | Method | HTTP request | Description
 *AssetApi* | [**uploadFile**](doc//AssetApi.md#uploadfile) | **POST** /asset/upload | 
 *AuthenticationApi* | [**adminSignUp**](doc//AuthenticationApi.md#adminsignup) | **POST** /auth/admin-sign-up | 
 *AuthenticationApi* | [**login**](doc//AuthenticationApi.md#login) | **POST** /auth/login | 
+*AuthenticationApi* | [**logout**](doc//AuthenticationApi.md#logout) | **POST** /auth/logout | 
 *AuthenticationApi* | [**validateAccessToken**](doc//AuthenticationApi.md#validateaccesstoken) | **POST** /auth/validateToken | 
 *DeviceInfoApi* | [**createDeviceInfo**](doc//DeviceInfoApi.md#createdeviceinfo) | **POST** /device-info | 
 *DeviceInfoApi* | [**updateDeviceInfo**](doc//DeviceInfoApi.md#updatedeviceinfo) | **PATCH** /device-info | 
@@ -130,6 +131,7 @@ Class | Method | HTTP request | Description
  - [ExifResponseDto](doc//ExifResponseDto.md)
  - [LoginCredentialDto](doc//LoginCredentialDto.md)
  - [LoginResponseDto](doc//LoginResponseDto.md)
+ - [LogoutResponseDto](doc//LogoutResponseDto.md)
  - [RemoveAssetsDto](doc//RemoveAssetsDto.md)
  - [SearchAssetDto](doc//SearchAssetDto.md)
  - [ServerInfoResponseDto](doc//ServerInfoResponseDto.md)

+ 38 - 0
mobile/openapi/doc/AuthenticationApi.md

@@ -11,6 +11,7 @@ Method | HTTP request | Description
 ------------- | ------------- | -------------
 [**adminSignUp**](AuthenticationApi.md#adminsignup) | **POST** /auth/admin-sign-up | 
 [**login**](AuthenticationApi.md#login) | **POST** /auth/login | 
+[**logout**](AuthenticationApi.md#logout) | **POST** /auth/logout | 
 [**validateAccessToken**](AuthenticationApi.md#validateaccesstoken) | **POST** /auth/validateToken | 
 
 
@@ -96,6 +97,43 @@ No authorization required
 
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
 
+# **logout**
+> LogoutResponseDto logout()
+
+
+
+### Example
+```dart
+import 'package:openapi/api.dart';
+
+final api_instance = AuthenticationApi();
+
+try {
+    final result = api_instance.logout();
+    print(result);
+} catch (e) {
+    print('Exception when calling AuthenticationApi->logout: $e\n');
+}
+```
+
+### Parameters
+This endpoint does not need any parameter.
+
+### Return type
+
+[**LogoutResponseDto**](LogoutResponseDto.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
+
 # **validateAccessToken**
 > ValidateAccessTokenResponseDto validateAccessToken()
 

+ 15 - 0
mobile/openapi/doc/LogoutResponseDto.md

@@ -0,0 +1,15 @@
+# openapi.model.LogoutResponseDto
+
+## Load the model package
+```dart
+import 'package:openapi/api.dart';
+```
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**successful** | **bool** |  | [readonly] 
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+

+ 1 - 0
mobile/openapi/lib/api.dart

@@ -57,6 +57,7 @@ part 'model/device_type_enum.dart';
 part 'model/exif_response_dto.dart';
 part 'model/login_credential_dto.dart';
 part 'model/login_response_dto.dart';
+part 'model/logout_response_dto.dart';
 part 'model/remove_assets_dto.dart';
 part 'model/search_asset_dto.dart';
 part 'model/server_info_response_dto.dart';

+ 41 - 0
mobile/openapi/lib/api/authentication_api.dart

@@ -110,6 +110,47 @@ class AuthenticationApi {
     return null;
   }
 
+  /// Performs an HTTP 'POST /auth/logout' operation and returns the [Response].
+  Future<Response> logoutWithHttpInfo() async {
+    // ignore: prefer_const_declarations
+    final path = r'/auth/logout';
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      path,
+      'POST',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  Future<LogoutResponseDto?> logout() async {
+    final response = await logoutWithHttpInfo();
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'LogoutResponseDto',) as LogoutResponseDto;
+    
+    }
+    return null;
+  }
+
   /// Performs an HTTP 'POST /auth/validateToken' operation and returns the [Response].
   Future<Response> validateAccessTokenWithHttpInfo() async {
     // ignore: prefer_const_declarations

+ 2 - 0
mobile/openapi/lib/api_client.dart

@@ -238,6 +238,8 @@ class ApiClient {
           return LoginCredentialDto.fromJson(value);
         case 'LoginResponseDto':
           return LoginResponseDto.fromJson(value);
+        case 'LogoutResponseDto':
+          return LogoutResponseDto.fromJson(value);
         case 'RemoveAssetsDto':
           return RemoveAssetsDto.fromJson(value);
         case 'SearchAssetDto':

+ 111 - 0
mobile/openapi/lib/model/logout_response_dto.dart

@@ -0,0 +1,111 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.12
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class LogoutResponseDto {
+  /// Returns a new [LogoutResponseDto] instance.
+  LogoutResponseDto({
+    required this.successful,
+  });
+
+  bool successful;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is LogoutResponseDto &&
+     other.successful == successful;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (successful.hashCode);
+
+  @override
+  String toString() => 'LogoutResponseDto[successful=$successful]';
+
+  Map<String, dynamic> toJson() {
+    final _json = <String, dynamic>{};
+      _json[r'successful'] = successful;
+    return _json;
+  }
+
+  /// Returns a new [LogoutResponseDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static LogoutResponseDto? fromJson(dynamic value) {
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      // Ensure that the map contains the required keys.
+      // Note 1: the values aren't checked for validity beyond being non-null.
+      // Note 2: this code is stripped in release mode!
+      assert(() {
+        requiredKeys.forEach((key) {
+          assert(json.containsKey(key), 'Required key "LogoutResponseDto[$key]" is missing from JSON.');
+          assert(json[key] != null, 'Required key "LogoutResponseDto[$key]" has a null value in JSON.');
+        });
+        return true;
+      }());
+
+      return LogoutResponseDto(
+        successful: mapValueOfType<bool>(json, r'successful')!,
+      );
+    }
+    return null;
+  }
+
+  static List<LogoutResponseDto>? listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <LogoutResponseDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = LogoutResponseDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, LogoutResponseDto> mapFromJson(dynamic json) {
+    final map = <String, LogoutResponseDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = LogoutResponseDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of LogoutResponseDto-objects as value to a dart map
+  static Map<String, List<LogoutResponseDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<LogoutResponseDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = LogoutResponseDto.listFromJson(entry.value, growable: growable,);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'successful',
+  };
+}
+

+ 27 - 0
mobile/openapi/test/logout_response_dto_test.dart

@@ -0,0 +1,27 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.12
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+import 'package:openapi/api.dart';
+import 'package:test/test.dart';
+
+// tests for LogoutResponseDto
+void main() {
+  // final instance = LogoutResponseDto();
+
+  group('test LogoutResponseDto', () {
+    // bool successful
+    test('to test the property `successful`', () async {
+      // TODO
+    });
+
+
+  });
+
+}

+ 14 - 0
server/apps/immich/src/api-v1/auth/auth.controller.ts

@@ -16,6 +16,8 @@ import { SignUpDto } from './dto/sign-up.dto';
 import { AdminSignupResponseDto } from './response-dto/admin-signup-response.dto';
 import { ValidateAccessTokenResponseDto } from './response-dto/validate-asset-token-response.dto,';
 import { Response } from 'express';
+import { LogoutResponseDto } from './response-dto/logout-response.dto';
+
 @ApiTags('Authentication')
 @Controller('auth')
 export class AuthController {
@@ -51,4 +53,16 @@ export class AuthController {
   async validateAccessToken(@GetAuthUser() authUser: AuthUserDto): Promise<ValidateAccessTokenResponseDto> {
     return new ValidateAccessTokenResponseDto(true);
   }
+
+  @Post('/logout')
+  async logout(@Res() response: Response): Promise<LogoutResponseDto> {
+    response.clearCookie('immich_access_token');
+    response.clearCookie('immich_is_authenticated');
+
+    const status = new LogoutResponseDto(true);
+
+    response.send(status)
+    return status;
+  }
+
 }
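Review bot: `logout` only tells the browser to drop `immich_access_token` and `immich_is_authenticated`; nothing in the handler invalidates the token on the server, so a token copied earlier, or one a client sends in a header rather than a cookie, presumably keeps working until it expires. If that is the intended scope, say so in a comment above the method, e.g. `// Clears the browser cookies only; the access token itself is not revoked server-side.` Two smaller points in the same method: `clearCookie` is called without options, and browsers only delete a cookie when path and domain match the ones used when it was set, which cannot be checked from this hunk; and with a bare `@Res()` Nest ignores the returned value, so `@Res({ passthrough: true }) response: Response` with a plain `return status;` would replace the `response.send(status)` / `return status` pair. The `AuthController` class starts outside this hunk.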

+ 10 - 0
server/apps/immich/src/api-v1/auth/response-dto/logout-response.dto.ts

@@ -0,0 +1,10 @@
+import { ApiResponseProperty } from '@nestjs/swagger';
+
+export class LogoutResponseDto {
+    constructor (successful: boolean) {
+        this.successful = successful;
+    }
+
+    @ApiResponseProperty()
+    successful!: boolean;
+};
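Review bot: The `!` on `successful!: boolean` is not needed, because the constructor assigns the field on every path, and keeping it switches off the definite-assignment check if the constructor later changes. `readonly successful: boolean;` would also match the `[readonly]` note the generated model docs carry for this property. The file uses four-space indentation and a stray `;` after the class body, unlike the two-space style in auth.controller.ts.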

A diferenza do arquivo foi suprimida porque é demasiado grande
+ 0 - 0
server/immich-openapi-specs.json


+ 69 - 0
web/src/api/open-api/api.ts

@@ -782,6 +782,19 @@ export interface LoginResponseDto {
      */
     'shouldChangePassword': boolean;
 }
+/**
+ * 
+ * @export
+ * @interface LogoutResponseDto
+ */
+export interface LogoutResponseDto {
+    /**
+     * 
+     * @type {boolean}
+     * @memberof LogoutResponseDto
+     */
+    'successful': boolean;
+}
 /**
  * 
  * @export
@@ -2885,6 +2898,35 @@ export const AuthenticationApiAxiosParamCreator = function (configuration?: Conf
                 options: localVarRequestOptions,
             };
         },
+        /**
+         * 
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        logout: async (options: AxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/auth/logout`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
         /**
          * 
          * @param {*} [options] Override http request option.
@@ -2948,6 +2990,15 @@ export const AuthenticationApiFp = function(configuration?: Configuration) {
             const localVarAxiosArgs = await localVarAxiosParamCreator.login(loginCredentialDto, options);
             return createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration);
         },
+        /**
+         * 
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async logout(options?: AxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<LogoutResponseDto>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.logout(options);
+            return createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration);
+        },
         /**
          * 
          * @param {*} [options] Override http request option.
@@ -2985,6 +3036,14 @@ export const AuthenticationApiFactory = function (configuration?: Configuration,
         login(loginCredentialDto: LoginCredentialDto, options?: any): AxiosPromise<LoginResponseDto> {
             return localVarFp.login(loginCredentialDto, options).then((request) => request(axios, basePath));
         },
+        /**
+         * 
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        logout(options?: any): AxiosPromise<LogoutResponseDto> {
+            return localVarFp.logout(options).then((request) => request(axios, basePath));
+        },
         /**
          * 
          * @param {*} [options] Override http request option.
@@ -3025,6 +3084,16 @@ export class AuthenticationApi extends BaseAPI {
         return AuthenticationApiFp(this.configuration).login(loginCredentialDto, options).then((request) => request(this.axios, this.basePath));
     }
 
+    /**
+     * 
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof AuthenticationApi
+     */
+    public logout(options?: AxiosRequestConfig) {
+        return AuthenticationApiFp(this.configuration).logout(options).then((request) => request(this.axios, this.basePath));
+    }
+
     /**
      * 
      * @param {*} [options] Override http request option.

Algúns arquivos non se mostraron porque demasiados arquivos cambiaron neste cambio