Merge pull request #5905 from nocodb/fix/signout

fix: signOut API

packages/nc-gui/composables/useGlobal/actions.ts

@@ -8,12 +8,14 @@ export function useGlobalActions(state: State): Actions {
 
   /** Sign out by deleting the token from localStorage */
   const signOut: Actions['signOut'] = async () => {
-    state.token.value = null
-    state.user.value = null
     try {
       const nuxtApp = useNuxtApp()
       await nuxtApp.$api.auth.signout()
-    } catch {}
+    } catch {
+    } finally {
+      state.token.value = null
+      state.user.value = null
+    }
   }
 
   /** Sign in by setting the token in localStorage */

packages/nocodb/src/controllers/users/users.controller.ts

@@ -73,11 +73,15 @@ export class UsersController {
     res.json(this.usersService.login(req.user));
   }
 
+  @UseGuards(GlobalGuard)
   @Post('/api/v1/auth/user/signout')
   @HttpCode(200)
-  async signout(@Request() req, @Response() res): Promise<any> {
+  async signOut(@Request() req, @Response() res): Promise<any> {
+    if (!(req as any).isAuthenticated()) {
+      NcError.forbidden('Not allowed');
+    }
     res.json(
-      await this.usersService.signout({
+      await this.usersService.signOut({
         req,
         res,
       }),

packages/nocodb/src/services/users/users.service.ts

@@ -493,13 +493,14 @@ export class UsersService {
     };
   }
 
-  async signout(param: { res: any; req: any }) {
+  async signOut(param: { res: any; req: any }) {
     try {
       param.res.clearCookie('refresh_token');
       const user = (param.req as any).user;
-      if (user) {
+      if (user?.id) {
         await User.update(user.id, {
           refresh_token: null,
+          token_version: null,
         });
       }
       return { msg: 'Signed out successfully' };