Initial commit

2026-03-12 12:43:56 +01:00
commit f733dee856
137 changed files with 51192 additions and 0 deletions
--- a/api/admin/logout.php
+++ b/api/admin/logout.php
@@ -0,0 +1,51 @@
+<?php
+
+/**
+ * BOHA Automation - Admin Logout API (JWT)
+ *
+ * POST /api/admin/logout.php
+ *
+ * Response:
+ * {
+ *   "success": true,
+ *   "message": "Logged out successfully"
+ * }
+ */
+
+declare(strict_types=1);
+
+require_once dirname(__DIR__) . '/config.php';
+require_once dirname(__DIR__) . '/includes/JWTAuth.php';
+require_once dirname(__DIR__) . '/includes/AuditLog.php';
+require_once dirname(__DIR__) . '/includes/RateLimiter.php';
+
+// Set headers
+setCorsHeaders();
+setSecurityHeaders();
+setNoCacheHeaders();
+header('Content-Type: application/json; charset=utf-8');
+
+// Rate limiting (30 requests/minute)
+$rateLimiter = new RateLimiter();
+$rateLimiter->enforce('logout', 30);
+
+// Only accept POST
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+    errorResponse('Metoda není povolena', 405);
+}
+
+// Get user from access token if available (for audit logging)
+$authData = JWTAuth::optionalAuth();
+
+// Log logout before revoking tokens
+if ($authData) {
+    AuditLog::logLogout($authData['user_id'], $authData['user']['username'] ?? 'unknown');
+}
+
+// Revoke refresh token (from cookie)
+$refreshToken = $_COOKIE['refresh_token'] ?? null;
+if ($refreshToken) {
+    JWTAuth::revokeRefreshToken($refreshToken);
+}
+
+successResponse(null, 'Odhlášení úspěšné');