From 5680a306ff298884d419249c68d385d32e52f259 Mon Sep 17 00:00:00 2001
From: yusing <yusing@6uo.me>
Date: Fri, 28 Mar 2025 02:19:46 +0800
Subject: [PATCH] refactor: fix logout logic in oidc middleware

---
 internal/net/gphttp/middleware/oidc.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/internal/net/gphttp/middleware/oidc.go b/internal/net/gphttp/middleware/oidc.go
index 49191e9..231422b 100644
--- a/internal/net/gphttp/middleware/oidc.go
+++ b/internal/net/gphttp/middleware/oidc.go
@@ -65,9 +65,6 @@ func (amw *oidcMiddleware) initSlow() error {
 
 	amw.authMux = http.NewServeMux()
 	amw.authMux.HandleFunc(auth.OIDCMiddlewareCallbackPath, authProvider.LoginCallbackHandler)
-	amw.authMux.HandleFunc(auth.OIDCLogoutPath, func(w http.ResponseWriter, r *http.Request) {
-		http.Error(w, "Unauthorized", http.StatusUnauthorized)
-	})
 	amw.authMux.HandleFunc("/", authProvider.RedirectLoginPage)
 	amw.auth = authProvider
 	return nil
@@ -82,6 +79,7 @@ func (amw *oidcMiddleware) before(w http.ResponseWriter, r *http.Request) (proce
 
 	if r.URL.Path == auth.OIDCLogoutPath {
 		amw.auth.LogoutCallbackHandler(w, r)
+		return false
 	}
 	if err := amw.auth.CheckToken(r); err != nil {
 		if errors.Is(err, auth.ErrMissingToken) {