server: fix logout

packages/server/src/controllers/user.controller.ts

@@ -68,7 +68,13 @@ export class UserController {
   @Post(UserApiDefinition.logout.server)
   @HttpCode(HttpStatus.OK)
   async logout(@Res({ passthrough: true }) response: ExpressResponse) {
-    response.cookie('token', '', { expires: new Date() });
+    const { token, domain } = await this.userService.logout();
+    response.cookie('token', token, {
+      expires: new Date(),
+      domain,
+      httpOnly: true,
+      sameSite: 'lax',
+    });
     return;
   }
 

packages/server/src/services/user.service.ts

@@ -132,6 +132,11 @@ export class UserService {
     return { user: res, token, domain, expiresIn };
   }
 
+  async logout() {
+    const domain = this.confifgService.get('client.siteDomain');
+    return { token: '', domain };
+  }
+
   async validateUser(user: UserEntity) {
     return await this.findById(user.id);
   }