refactor: migrated logout (#3834)

Author: thorsten

phpmyfaq/assets/src/notifications-export.ts

@@ -0,0 +1,16 @@
+/**
+ * Notification exports for template usage
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public License,
+ * v. 2.0. If a copy of the MPL was not distributed with this file, You can
+ * obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * @package   phpMyFAQ
+ * @author    Thorsten Rinne
+ * @copyright 2026 phpMyFAQ Team
+ * @license   https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
+ * @link      https://www.phpmyfaq.de
+ * @since     2026-01-02
+ */
+
+export { pushNotification, pushErrorNotification } from './utils/notifications';

phpmyfaq/assets/templates/default/index.twig

@@ -231,5 +231,16 @@
   {% endfor %}
 {% endif %}
 <script type="module" src="./assets/public/frontend.js"></script>
+{% if successMessage or errorMessage %}
+<script type="module">
+  import { pushNotification, pushErrorNotification } from './assets/public/notifications.js';
+  {% if successMessage %}
+  pushNotification('{{ successMessage|e('js') }}');
+  {% endif %}
+  {% if errorMessage %}
+  pushErrorNotification('{{ errorMessage|e('js') }}');
+  {% endif %}
+</script>
+{% endif %}
 </body>
 </html>

phpmyfaq/index.php

@@ -211,27 +211,6 @@
     $action = 'twofactor';
 }
 
-//
-// Logout
-//
-if ($csrfChecked && 'logout' === $action && $user->isLoggedIn()) {
-    $user->deleteFromSession(true);
-    $action = 'main';
-    $ssoLogout = $faqConfig->get('security.ssoLogoutRedirect');
-
-    if ($faqConfig->get('security.ssoSupport') && !empty($ssoLogout)) {
-        $redirect = new RedirectResponse($ssoLogout);
-        $redirect->send();
-    }
-
-    if ($faqConfig->isSignInWithMicrosoftActive() && $user->getUserAuthSource() === 'azure') {
-        $redirect = new RedirectResponse($faqConfig->getDefaultUrl() . 'services/azure/logout.php');
-        $redirect->send();
-    }
-
-    $redirect = new RedirectResponse($faqConfig->getDefaultUrl());
-    $redirect->send();
-}
 
 //
 // Get current user and group id - default: -1
@@ -701,10 +680,6 @@
 
 $response->setContent($twigTemplate->render($templateVars));
 
-if ('logout' === $action) {
-    $response->headers->set('Cache-Control', 'no-cache, no-store, private');
-    $response->headers->set('Vary', 'Accept-Language, Accept-Encoding, Cookie');
-}
 
 $response->setCache([
     'must_revalidate' => false,

phpmyfaq/src/phpMyFAQ/Controller/Frontend/AbstractFrontController.php

@@ -48,8 +48,15 @@ protected function getHeader(Request $request): array
             PermissionType::VIEW_ADMIN_LINK->value,
         );
 
+        // Get flash messages
+        $session = $this->container->get('session');
+        $successMessages = $session->getFlashBag()->get('success');
+        $errorMessages = $session->getFlashBag()->get('error');
+
         return [
             ...$this->getUserDropdown(),
+            'successMessage' => !empty($successMessages) ? $successMessages[0] : null,
+            'errorMessage' => !empty($errorMessages) ? $errorMessages[0] : null,
             'isMaintenanceMode' => $this->configuration->get('main.maintenanceMode'),
             'isCompletelySecured' => $this->configuration->get('security.enableLoginOnly'),
             'isDebugEnabled' => Environment::isDebugMode(),

…/Controller/Frontend/LoginController.php …er/Frontend/AuthenticationController.phpphpmyfaq/src/phpMyFAQ/Controller/Frontend/LoginController.php renamed to phpmyfaq/src/phpMyFAQ/Controller/Frontend/AuthenticationController.php phpmyfaq/src/phpMyFAQ/Controller/Frontend/LoginController.php renamed to phpmyfaq/src/phpMyFAQ/Controller/Frontend/AuthenticationController.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- * Login Controller
+ * Authentication Controller to handle login, logout, and password reset
  *
  * This Source Code Form is subject to the terms of the Mozilla Public License,
  * v. 2.0. If a copy of the MPL was not distributed with this file, You can
@@ -18,20 +18,24 @@
 namespace phpMyFAQ\Controller\Frontend;
 
 use phpMyFAQ\Core\Exception;
+use phpMyFAQ\Filter;
+use phpMyFAQ\Session\Token;
 use phpMyFAQ\Translation;
+use phpMyFAQ\User\CurrentUser;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 use Twig\Error\LoaderError;
 
-final class LoginController extends AbstractFrontController
+final class AuthenticationController extends AbstractFrontController
 {
     /**
      * @throws Exception
      * @throws LoaderError
      * @throws \Exception
      */ #[Route(path: '/login', name: 'public.login')]
-    public function index(Request $request): Response
+    public function login(Request $request): Response
     {
         $faqSession = $this->container->get('phpmyfaq.user.session');
         $faqSession->setCurrentUser($this->currentUser);
@@ -83,4 +87,41 @@ public function forgotPassword(Request $request): Response
             'password' => Translation::get(key: 'ad_auth_passwd'),
         ]);
     }
+
+    /**
+     * @throws \Exception
+     */
+    #[Route(path: '/logout', name: 'public.logout')]
+    public function logout(Request $request): Response
+    {
+        $user = CurrentUser::getCurrentUser($this->configuration);
+        $csrfToken = Filter::filterVar($request->query->get('csrf'), FILTER_SANITIZE_SPECIAL_CHARS);
+
+        if (!Token::getInstance($this->container->get('session'))->verifyToken('logout', $csrfToken)) {
+            return new RedirectResponse($this->configuration->getDefaultUrl());
+        }
+
+        if (!$user->isLoggedIn()) {
+            return new RedirectResponse($this->configuration->getDefaultUrl());
+        }
+
+        $user->deleteFromSession(true);
+
+        // Add a success message
+        $session = $this->container->get('session');
+        $session->getFlashBag()->add('success', Translation::get('ad_logout'));
+
+        // SSO Logout
+        $ssoLogout = $this->configuration->get('security.ssoLogoutRedirect');
+        if ($this->configuration->get('security.ssoSupport') && !empty($ssoLogout)) {
+            return new RedirectResponse($ssoLogout);
+        }
+
+        // Microsoft Azure Logout
+        if ($this->configuration->isSignInWithMicrosoftActive() && $user->getUserAuthSource() === 'azure') {
+            return new RedirectResponse($this->configuration->getDefaultUrl() . 'services/azure/logout.php');
+        }
+
+        return new RedirectResponse($this->configuration->getDefaultUrl());
+    }
 }

phpmyfaq/src/public-routes.php

@@ -23,7 +23,7 @@
 use phpMyFAQ\Controller\Frontend\ContactController;
 use phpMyFAQ\Controller\Frontend\FaqController;
 use phpMyFAQ\Controller\Frontend\GlossaryController;
-use phpMyFAQ\Controller\Frontend\LoginController;
+use phpMyFAQ\Controller\Frontend\AuthenticationController;
 use phpMyFAQ\Controller\Frontend\NewsController;
 use phpMyFAQ\Controller\Frontend\QuestionsController;
 use phpMyFAQ\Controller\Frontend\OverviewController;
@@ -81,7 +81,7 @@
     ],
     'public.forgot-password' => [
         'path' => '/forgot-password',
-        'controller' => [LoginController::class, 'forgotPassword'],
+        'controller' => [AuthenticationController::class, 'forgotPassword'],
         'methods' => 'GET|POST',
     ],
     'public.glossary' => [
@@ -91,9 +91,14 @@
     ],
     'public.login' => [
         'path' => '/login',
-        'controller' => [LoginController::class, 'index'],
+        'controller' => [AuthenticationController::class, 'login'],
         'methods' => 'GET|POST',
     ],
+    'public.logout' => [
+        'path' => '/user/logout',
+        'controller' => [AuthenticationController::class, 'logout'],
+        'methods' => 'GET',
+    ],
     'public.news' => [
         'path' => '/news/{newsId}/{newsLang}/{slug}.html',
         'controller' => [NewsController::class, 'index'],

vite.config.ts

@@ -12,6 +12,7 @@ export default defineConfig({
       input: {
         backend: path.resolve(__dirname, 'phpmyfaq/admin/assets/src/index.ts'),
         frontend: path.resolve(__dirname, 'phpmyfaq/assets/src/frontend.ts'),
+        notifications: path.resolve(__dirname, 'phpmyfaq/assets/src/notifications-export.ts'),
         cookieConsent: path.resolve(__dirname, 'phpmyfaq/assets/src/cookie-consent.ts'),
         setup: path.resolve(__dirname, 'phpmyfaq/assets/src/setup.ts'),
         update: path.resolve(__dirname, 'phpmyfaq/assets/src/update.ts'),
@@ -24,12 +25,15 @@ export default defineConfig({
         format: 'es',
         entryFileNames: '[name].js',
         assetFileNames: '[name].[ext]',
+        preserveModules: false,
+        exports: 'named',
         manualChunks: {
           bootstrap: ['bootstrap'],
           chart: ['chart.js'],
           jodit: ['jodit'],
         },
       },
+      preserveEntrySignatures: 'exports-only',
     },
     sourcemap: true,
     minify: 'terser',