From 923b83f214c11c6c2ac5d5bfdb1e114cd9c4e346 Mon Sep 17 00:00:00 2001
From: Peter Giacomo Lombardo <pglombardo@hey.com>
Date: Tue, 17 Dec 2024 11:04:58 +0100
Subject: [PATCH] Delete session cookie and reset session on logout.

---
 app/controllers/users/sessions_controller.rb | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/app/controllers/users/sessions_controller.rb b/app/controllers/users/sessions_controller.rb
index 05cb3b8c597d..ff3db19181b6 100644
--- a/app/controllers/users/sessions_controller.rb
+++ b/app/controllers/users/sessions_controller.rb
@@ -20,6 +20,17 @@ class Users::SessionsController < Devise::SessionsController
   #   super
   # end
 
+  # after_sign_out_path_for
+  #
+  # This method is called after the user has signed out.
+  # Ensure the session data is cleared and the session cookie is deleted.
+  #
+  def after_sign_out_path_for(resource_or_scope)
+    reset_session  # Explicitly clear the session data
+    cookies.delete("_PasswordPusher_session") # Delete the session cookie
+    root_path      # Redirect to the root path after logout
+  end
+
   # protected
 
   # If you have extra params to permit, append them to the sanitizer.