Server: Also clear admin session ID on logout after impersonating a user

2021-09-27 18:34:12 +01:00 · 2021-09-27 18:34:12 +01:00 · 24945a0d3e
parent 8c9331cf61
commit 24945a0d3e
1 changed files with 1 additions and 0 deletions
--- a/packages/server/src/routes/index/logout.ts
+++ b/packages/server/src/routes/index/logout.ts
@ -11,6 +11,7 @@ const router = new Router(RouteType.Web);
 router.post('logout', async (_path: SubPath, ctx: AppContext) => {
 	const sessionId = contextSessionId(ctx, false);
 	cookieSet(ctx, 'sessionId', '');
+	cookieSet(ctx, 'adminSessionId', '');
 	await ctx.joplin.models.session().logout(sessionId);
 	return redirect(ctx, `${config().baseUrl}/login`);
 });