# Quick Reference: Logout Tracking System ## What Was Implemented ### 🎯 Goal Track **exactly why and where** every user logout happens with precise culprit detection. --- ## Changes Made ### 1. Backend Middleware (`backend/igny8_core/auth/middleware.py`) **Added:** - Standardized error codes for all logout reasons - Structured JSON responses with logout context - Enhanced logging with timestamps and IP addresses **Every logout now returns:** ```json { "logout_reason": "SESSION_ACCOUNT_MISMATCH", "logout_message": "Session contamination: account ID mismatch", "logout_path": "/dashboard/content", // Original page, NOT /signin "logout_context": { "stored_account_id": 123, "current_account_id": 456 } } ``` --- ### 2. Frontend API Interceptor (`frontend/src/services/api.ts`) **Enhanced:** - 401 handler parses backend logout reasons - 403 handler detects auth vs permission errors - Token refresh failures create detailed logout reasons - All logout triggers store reason in localStorage - Console logging with 🚨 emoji markers --- ### 3. Auth Store (`frontend/src/store/authStore.ts`) **Enhanced:** - Manual logout captures context before clearing - Account/plan validation failures create logout reasons - Console logging with πŸšͺ (manual) and 🚨 (automatic) markers --- ### 4. SignIn Page (`frontend/src/components/auth/SignInForm.tsx`) **Added:** - Yellow alert box showing logout reason - Expandable technical details section - Console logging of full context - Automatic cleanup after display **User sees:** ``` β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ ⚠️ Session Ended β”‚ β”‚ β”‚ β”‚ Session contamination: account ID mismatch β”‚ β”‚ Original page: /dashboard/content β”‚ β”‚ [ℹ️ Details] β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ ``` --- ## Error Codes ### Backend-Triggered - `SESSION_ACCOUNT_MISMATCH` - Session contamination - `SESSION_USER_MISMATCH` - User ID mismatch - `ACCOUNT_MISSING` - No account configured - `ACCOUNT_SUSPENDED` - Account suspended - `ACCOUNT_CANCELLED` - Account cancelled - `PLAN_MISSING` - No plan assigned - `PLAN_INACTIVE` - Plan inactive ### Frontend-Triggered - `TOKEN_REFRESH_FAILED` - Refresh token expired - `NO_REFRESH_TOKEN` - Missing refresh token - `AUTH_CREDENTIALS_MISSING` - Auth missing (403) - `MANUAL_LOGOUT` - User clicked logout - `ACCOUNT_REQUIRED` - Account validation failed - `PLAN_REQUIRED` - Plan validation failed --- ## How It Works ``` β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Logout Happens β”‚ β”‚ (any reason) β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ ↓ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ System Creates Logout Reason Object: β”‚ β”‚ β€’ Error code β”‚ β”‚ β€’ User-friendly message β”‚ β”‚ β€’ Original page path (NOT /signin) β”‚ β”‚ β€’ Debugging context β”‚ β”‚ β€’ Timestamp β”‚ β”‚ β€’ Source (backend/frontend) β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”œβ†’ Logs to backend (πŸ” grep "[AUTO-LOGOUT]") β”œβ†’ Logs to console (🚨 or πŸšͺ emoji) β””β†’ Stores in localStorage β”‚ ↓ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Redirects to β”‚ β”‚ /signin β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ ↓ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ SignIn Page Loads: β”‚ β”‚ 1. Reads logout_reason from localStorageβ”‚ β”‚ 2. Shows yellow alert box to user β”‚ β”‚ 3. Logs full details to console β”‚ β”‚ 4. Clears logout_reason β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ ``` --- ## Debugging ### Check Browser Console ```javascript // Look for these log messages: 🚨 LOGOUT TRIGGERED - Backend Validation Failed 🚨 LOGOUT TRIGGERED - Token Refresh Failed 🚨 LOGOUT TRIGGERED - No Refresh Token 🚨 LOGOUT TRIGGERED - Authentication Credentials Missing 🚨 LOGOUT TRIGGERED - Account Required 🚨 LOGOUT TRIGGERED - Plan Required πŸšͺ LOGOUT - User Action // Or read stored reason: JSON.parse(localStorage.getItem('logout_reason')) ``` ### Check Backend Logs ```bash # All auto-logouts docker logs igny8_backend 2>&1 | grep "[AUTO-LOGOUT]" # Specific error docker logs igny8_backend 2>&1 | grep "SESSION_ACCOUNT_MISMATCH" # Real-time docker logs -f igny8_backend | grep "[AUTO-LOGOUT]" ``` --- ## Key Features βœ… **Exact Page Tracking** - Shows where logout happened (not /signin) βœ… **Detailed Context** - All relevant IDs and state captured βœ… **User-Friendly Display** - Simple message + expandable details βœ… **Developer Tools** - Console logs + backend logs + grep-friendly βœ… **No False Positives** - Only logs out when necessary βœ… **Automatic Cleanup** - Shown once, then cleared --- ## Files Modified 1. `backend/igny8_core/auth/middleware.py` - Backend logout tracking 2. `frontend/src/services/api.ts` - API interceptor enhancements 3. `frontend/src/store/authStore.ts` - Auth store tracking 4. `frontend/src/components/auth/SignInForm.tsx` - Display component --- ## Testing ```bash # 1. Make code change to trigger logout # 2. User gets logged out # 3. Check console for 🚨 log # 4. See yellow alert on signin page # 5. Click ℹ️ for technical details # 6. Check backend logs for confirmation ``` --- ## Result **Before:** "Why was I logged out?" 🀷 **After:** "Session contamination: account ID mismatch on /dashboard/content at 10:30:45" βœ… **Every logout is now tracked, explained, and debuggable.**