From 21c010d131cfbce86747cfafc86a1255bf64b08d Mon Sep 17 00:00:00 2001
From: tone <tonesc@qq.com>
Date: Thu, 18 Dec 2025 17:06:28 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E7=99=BB=E5=87=BA?=
 =?UTF-8?q?=E5=AE=9E=E7=8E=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/backend/src/auth/auth.controller.ts | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/apps/backend/src/auth/auth.controller.ts b/apps/backend/src/auth/auth.controller.ts
index bdd71d4..6c81979 100644
--- a/apps/backend/src/auth/auth.controller.ts
+++ b/apps/backend/src/auth/auth.controller.ts
@@ -151,9 +151,15 @@ export class AuthController {
 
   @UseGuards(AuthGuard)
   @Post('logout')
-  async logout(@CurrentUser() user: AuthUser) {
-    const { userId, sessionId } = user;
-    await this.userSessionService.invalidateSession(userId, sessionId);
+  async logout(@CurrentUser() user: AuthUser, @Res({ passthrough: true }) res: Response) {
+    const { sessionId } = user;
+    await this.userSessionService.invalidateSession(sessionId, '用户主动登出');
+    res.clearCookie('session', {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === 'production',
+      sameSite: 'lax',
+      path: '/',
+    })
     return true;
   }
 }