From c233f6cef67dade7dc7a0bb29ac4e0fa0f75bb55 Mon Sep 17 00:00:00 2001
From: mahdahar <89adham@gmail.com>
Date: Tue, 30 Dec 2025 09:12:32 +0700
Subject: [PATCH] Perbaikan Auth logout
---
 app/Controllers/Auth.php | 30 ++++++++++++++++++++----------
 1 file changed, 20 insertions(+), 10 deletions(-)
diff --git a/app/Controllers/Auth.php b/app/Controllers/Auth.php
index 17a63a8..0ada4e5 100644
--- a/app/Controllers/Auth.php
+++ b/app/Controllers/Auth.php
@@ -121,13 +121,6 @@ class Auth extends Controller {
 // // 'secure' => $isSecure, // true for HTTPS, false for HTTP (localhost)
 // // 'httponly' => true, // dipakai agar cookie berikut tidak dapat diakses oleh javascript
 // // 'samesite' => $isSecure ? Cookie::SAMESITE_NONE : Cookie::SAMESITE_LAX
- // 'name' => 'token',
- // 'value' => '',
- // 'expire' => time() - 3600,
- // 'path' => '/',
- // 'secure' => true,
- // 'httponly' => true,
- // 'samesite' => Cookie::SAMESITE_NONE
 // ]);
@@ -195,17 +188,34 @@ class Auth extends Controller {
 } // ok
+ // public function logout() {
+ // // Definisikan ini pada cookies browser, harus sama dengan cookies login
+ // // $isSecure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
+ // return $this->response->setCookie([
+ // 'name' => 'token',
+ // 'value' => '',
+ // 'expire' => time() - 3600,
+ // 'path' => '/',
+ // 'secure' => $isSecure,
+ // 'httponly' => true,
+ // 'samesite' => $isSecure ? Cookie::SAMESITE_NONE : Cookie::SAMESITE_LAX
+
+ // ])->setJSON([
+ // 'status' => 'success',
+ // 'code' => 200,
+ // 'message' => 'Logout successful'
+ // ], 200);
+ // }
 public function logout() {
 // Definisikan ini pada cookies browser, harus sama dengan cookies login
- // $isSecure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
 return $this->response->setCookie([
 'name' => 'token',
 'value' => '',
 'expire' => time() - 3600,
 'path' => '/',
- 'secure' => $isSecure,
+ 'secure' => true,
 'httponly' => true,
- 'samesite' => $isSecure ? Cookie::SAMESITE_NONE : Cookie::SAMESITE_LAX
+ 'samesite' => Cookie::SAMESITE_NONE
 ])->setJSON([
 'status' => 'success',
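Review bot: Hardcoding `'secure' => true` with `'samesite' => Cookie::SAMESITE_NONE` in the live `logout()` means that on a plain-HTTP origin browsers generally refuse a Set-Cookie carrying Secure, so the `token` cookie would survive while the response still reports `Logout successful`; the commented-out login options in the first hunk mention HTTP on localhost, so that case appears to exist. Since the in-code comment says these attributes must match the login cookie, compute them once from the request, e.g. `$isSecure = $this->request->isSecure();` (assuming this is a CodeIgniter 4 controller), and keep `'secure' => $isSecure` with the Lax fallback, or share one options array between login and logout so the two cannot drift. Where `SameSite=None` is really required, the cookie is sent on cross-site requests, so cookie-authenticated endpoints need their own CSRF or Origin check, which is not visible in this hunk. The 18 added lines of commented-out `logout()` duplicate what version control already keeps and could be dropped. The `setJSON` call continues past the end of the hunk.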