refactor to improve database operability in hwsauth

hwsauth/logout.go

@@ -4,19 +4,40 @@ import (
 	"net/http"
 
 	"git.haelnorr.com/h/golib/cookies"
+	"git.haelnorr.com/h/golib/jwt"
 	"github.com/pkg/errors"
 )
 
-func (auth *Authenticator[T]) Logout(tx DBTransaction, w http.ResponseWriter, r *http.Request) error {
+// Logout revokes the user's authentication tokens and clears their cookies.
+// This operation requires a database transaction to revoke tokens.
+//
+// Parameters:
+//   - tx: Database transaction for revoking tokens
+//   - w: HTTP response writer for clearing cookies
+//   - r: HTTP request containing the tokens to revoke
+//
+// Example:
+//
+//	func logoutHandler(w http.ResponseWriter, r *http.Request) {
+//	    tx, _ := db.BeginTx(r.Context(), nil)
+//	    defer tx.Rollback()
+//	    if err := auth.Logout(tx, w, r); err != nil {
+//	        http.Error(w, "Logout failed", http.StatusInternalServerError)
+//	        return
+//	    }
+//	    tx.Commit()
+//	    http.Redirect(w, r, "/", http.StatusSeeOther)
+//	}
+func (auth *Authenticator[T, TX]) Logout(tx TX, w http.ResponseWriter, r *http.Request) error {
 	aT, rT, err := auth.getTokens(tx, r)
 	if err != nil {
 		return errors.Wrap(err, "auth.getTokens")
 	}
-	err = aT.Revoke(tx)
+	err = aT.Revoke(jwt.DBTransaction(tx))
 	if err != nil {
 		return errors.Wrap(err, "aT.Revoke")
 	}
-	err = rT.Revoke(tx)
+	err = rT.Revoke(jwt.DBTransaction(tx))
 	if err != nil {
 		return errors.Wrap(err, "rT.Revoke")
 	}