diff --git a/internal/api/handler.go b/internal/api/handler.go
index 12333de..6ddd084 100644
--- a/internal/api/handler.go
+++ b/internal/api/handler.go
@@ -29,6 +29,8 @@ func NewHandler() http.Handler {
 // mux.HandleFunc("GET", "/v1/checkhealth", v1.CheckHealth)
 // mux.HandleFunc("HEAD", "/v1/checkhealth", v1.CheckHealth)
 mux.HandleFunc("POST", "/v1/login", auth.LoginHandler)
+ mux.HandleFunc("GET", "/v1/logout", auth.LogoutHandler)
+ mux.HandleFunc("POST", "/v1/logout", auth.LogoutHandler)
 mux.HandleFunc("POST", "/v1/reload", v1.Reload)
 mux.HandleFunc("GET", "/v1/list", auth.RequireAuth(v1.List))
 mux.HandleFunc("GET", "/v1/list/{what}", auth.RequireAuth(v1.List))
diff --git a/internal/api/v1/auth/auth.go b/internal/api/v1/auth/auth.go
index fff5cf9..8296008 100644
--- a/internal/api/v1/auth/auth.go
+++ b/internal/api/v1/auth/auth.go
@@ -80,6 +80,19 @@ func LoginHandler(w http.ResponseWriter, r *http.Request) {
 w.WriteHeader(http.StatusOK)
 }
 
+func LogoutHandler(w http.ResponseWriter, r *http.Request) {
+ http.SetCookie(w, &http.Cookie{
+ Name: "token",
+ Value: "",
+ Expires: time.Unix(0, 0),
+ HttpOnly: true,
+ SameSite: http.SameSiteStrictMode,
+ Path: "/",
+ })
+ w.Header().Set("location", "/login")
+ w.WriteHeader(http.StatusTemporaryRedirect)
+}
+
 func RequireAuth(next http.HandlerFunc) http.HandlerFunc {
 if common.IsDebugSkipAuth {
 return next
diff --git a/internal/net/http/middleware/rate_limiter.go b/internal/net/http/middleware/rate_limiter.go
new file mode 100644
index 0000000..ea5f958
--- /dev/null
+++ b/internal/net/http/middleware/rate_limiter.go
@@ -0,0 +1,12 @@
+package middleware
+
+type (
+ rateLimiter struct {
+ *rateLimiterOpts
+ m *Middleware
+ }
+
+ rateLimiterOpts struct {
+ Count int `json:"count"`
+ }
+)
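Review bot: The added `GET /v1/logout` route makes a state-changing action reachable through a safe method, so a followed link, a browser prefetch or a mail link scanner can end a user's session without the user asking for it. Registering only the POST route, `mux.HandleFunc("POST", "/v1/logout", auth.LogoutHandler)`, keeps logout behind an explicit form submit or fetch call. If a GET entry point has to stay for bookmarks, it is safer for it to render a confirmation page that issues the POST. NewHandler's body continues outside the hunk.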
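Review bot: LogoutHandler answers with 307, which tells the client to repeat the original method, so a `POST /v1/logout` is replayed as a POST to `/login`; 303 is the status that turns the follow-up into a GET, e.g. `http.Redirect(w, r, "/login", http.StatusSeeOther)`. The handler also only expires the browser's copy of `token`: nothing in the hunk revokes the token on the server, so if tokens are self-contained (the issuing code is not visible here) a copy captured earlier stays valid until its own expiry, and a server-side revocation or short token lifetime would be needed to close that gap. For the clearing cookie itself, adding `MaxAge: -1` is more reliable than `Expires` alone, and its attributes (including `Secure`, if LoginHandler sets it) should mirror the cookie set at login. The exported function has no doc comment; one such as `// LogoutHandler expires the "token" cookie and redirects the client to /login.` would do.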
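Review bot: `rateLimiterOpts.Count` has no documented unit or zero-value meaning, and for a rate limiter that decides whether a missing or zero `count` in the JSON config fails open (no limit) or fails closed (reject everything). A field comment along the lines of `// Count is the maximum number of requests allowed per <window>; 0 means <behaviour>.` (placeholders to be filled in by the author) and a note on where the window is configured would make that explicit. Separately, `rateLimiter` embeds `*rateLimiterOpts` as a pointer, so reading the promoted `Count` on a limiter built without options panics with a nil dereference; embedding the struct by value (`rateLimiterOpts`) avoids that unless the pointer is needed elsewhere, which this file does not show.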