Skip to content

feat: User Logout support#74

Merged
guenhter merged 7 commits intomainfrom
user-avatar
Apr 14, 2026
Merged

feat: User Logout support#74
guenhter merged 7 commits intomainfrom
user-avatar

Conversation

@guenhter
Copy link
Copy Markdown
Contributor

@guenhter guenhter commented Apr 14, 2026

Add user logout support

@guenhter guenhter requested a review from Copilot April 14, 2026 07:17
Copilot AI reviewed Apr 14, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds user logout support end-to-end (backend CSRF + logout endpoints, frontend sidebar UI), and updates session/userinfo handling to support showing the logged-in user in the sidebar.

Changes:

  • Add backend CSRF (GET /api/auth/csrf) and CSRF-protected logout (POST /api/auth/logout) flow.
  • Replace the old session probe with GET /api/auth/userinfo returning user_id, name, and additional, and update frontend session service to be stateless and return session state directly.
  • Add sidebar footer area with Logout + User Avatar items, plus updated unit/e2e tests and docs/changelogs.

Reviewed changes

Copilot reviewed 34 out of 34 changed files in this pull request and generated 8 comments.

Show a summary per file
File Description
justfile Adds root recipes to run install/format across subprojects.
frontend/omni/src/modules/user-avatar/locales/de.json Adds German label for user avatar.
frontend/omni/src/modules/user-avatar/UserAvatarItem.svelte New sidebar item showing user initials/name from session state.
frontend/omni/src/modules/session-service/sessionServiceImpl.test.ts Updates tests for new getActiveSession() behavior and userInfo handling.
frontend/omni/src/modules/session-service/sessionServiceImpl.svelte.ts Replaces cached session state with stateless getActiveSession() fetching /api/auth/userinfo.
frontend/omni/src/modules/session-service/index.svelte.ts Introduces SessionState/UserInfo types and new SessionService API.
frontend/omni/src/modules/session-service/SessionGatedAppLayout.svelte Switches gating logic to use getActiveSession() return value.
frontend/omni/src/modules/main-app-sidebar-based/lib/styles.ts Centralizes sidebar menu button class string.
frontend/omni/src/modules/main-app-sidebar-based/lib/SidebarMenuNavigationItem.svelte Removes old navigation item component (inlined elsewhere).
frontend/omni/src/modules/main-app-sidebar-based/SidebarLayout.svelte Adds sidebar footer slot/snippet support.
frontend/omni/src/modules/main-app-sidebar-based/MainApp.svelte Renders top + bottom sidebar items via new footer snippet.
frontend/omni/src/modules/llm-provider-management/providersNavigationItem.svelte Inlines sidebar menu item rendering using shared styles.
frontend/omni/src/modules/fetch-service/sessionFetchService.svelte.ts Updates 401 handling to use getActiveSession().
frontend/omni/src/modules/fetch-service/fetchService.test.ts Updates mocks/assertions for getActiveSession() API.
frontend/omni/src/modules/chat/chatNavigationItem.svelte Inlines sidebar menu item rendering using shared styles.
frontend/omni/src/modules/authentication/locales/de.json Adds German label for logout.
frontend/omni/src/modules/authentication/LogoutItem.svelte Adds logout sidebar item calling /api/auth/csrf then POST /api/auth/logout.
frontend/omni/public/modules_with_backend.json Wires logout + avatar into sidebar bottom items; adds module entries.
frontend/omni/public/modules_browser_only.json Adds (empty) sidebar bottom items wiring for browser-only config.
frontend/omni/docs/learnings/INSTRUCTION_UPDATES.md Documents “frontend services must be stateless” guidance.
frontend/omni/CHANGELOG.md Documents new sidebar avatar + logout button additions.
e2e_tests/tests_omni_full/src/pages.ts Adds sidebar page-object logout helper.
e2e_tests/tests_omni_full/src/login.spec.ts Updates session checks to /api/auth/userinfo and enables logout e2e test.
backend/omni/src/modai/modules/session/oidc_session.py Removes user_store/JIT provisioning; session validation now includes name.
backend/omni/src/modai/modules/session/module.py Changes session endpoint path to /api/auth/userinfo; adds name to Session model.
backend/omni/src/modai/modules/session/dev_mock_session.py Updates mock session to include name field.
backend/omni/src/modai/modules/session/tests/test_oidc_session.py Updates tests for new endpoint and name field; removes user_store/JIT tests.
backend/omni/src/modai/modules/session/README.md Updates docs for /api/auth/userinfo and Session model changes.
backend/omni/src/modai/modules/chat/tests/test_web_chat_router.py Updates Session construction for new name field.
backend/omni/src/modai/modules/authentication/oidc_auth_module.py Adds CSRF endpoint and CSRF validation for logout.
backend/omni/src/modai/modules/authentication/tests/test_oidc_auth_module.py Adds CSRF/logout tests and updates logout tests to include CSRF header.
backend/omni/docs/architecture/auth.md Updates auth/session docs for new endpoints, CSRF, and session payload shape.
backend/omni/CHANGELOG.md Documents new CSRF/logout endpoints and userinfo payload/endpoint consolidation.
CONTRIBUTION.md Fixes spelling/grammar and clarifies AI-assisted workflow expectations.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@guenhter guenhter merged commit ecef93f into main Apr 14, 2026
8 checks passed
@guenhter guenhter deleted the user-avatar branch April 14, 2026 09:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@guenhter