Fix navbar: SVG logos, Settings menu, Logout handler

- Image handler now returns SVG placeholders for company logo and user avatars instead of broken 1x1 PNG (fixes yellow border in navbar) - Supports both query-param (?model=&field=) and path-style URLs (/web/image/res.partner/2/avatar_128) - Added Settings app menu with Users & Technical sub-menus - Added actions for Settings (company form), Users list, Sequences - Added /web/session/logout handler that clears session + cookie - Added logout to middleware whitelist Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-01 01:31:37 +02:00
parent 06cd2755bc
commit cc823d3310
6 changed files with 153 additions and 6 deletions
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@@ -119,6 +119,9 @@ func (s *Server) registerRoutes() {
 	// File upload
 	s.mux.HandleFunc("/web/binary/upload_attachment", s.handleUpload)

+	// Logout
+	s.mux.HandleFunc("/web/session/logout", s.handleLogout)
+
 	// Health check
 	s.mux.HandleFunc("/health", s.handleHealth)

@@ -796,6 +799,22 @@ func (s *Server) handleVersionInfo(w http.ResponseWriter, r *http.Request) {
 	}, nil)
 }

+// handleLogout destroys the session and redirects to login.
+// Mirrors: odoo/addons/web/controllers/home.py Home.web_logout()
+func (s *Server) handleLogout(w http.ResponseWriter, r *http.Request) {
+	if cookie, err := r.Cookie("session_id"); err == nil && cookie.Value != "" {
+		s.sessions.Delete(cookie.Value)
+	}
+	http.SetCookie(w, &http.Cookie{
+		Name:     "session_id",
+		Value:    "",
+		Path:     "/",
+		MaxAge:   -1,
+		HttpOnly: true,
+	})
+	http.Redirect(w, r, "/web/login", http.StatusFound)
+}
+
 func (s *Server) handleHealth(w http.ResponseWriter, r *http.Request) {
 	err := s.pool.Ping(context.Background())
 	if err != nil {