From 5a719d126cf4430d718b3ffa5beaf3b47521a66d Mon Sep 17 00:00:00 2001
From: cay <cay@joksch.ch>
Date: Sun, 29 Mar 2026 14:20:53 +0100
Subject: [PATCH] =?UTF-8?q?io=C3=A4=C3=B6-i?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 routes/login.js  | 12 ++++++++++++
 routes/logout.js | 28 ++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 routes/logout.js

diff --git a/routes/login.js b/routes/login.js
index 4bf6590..3570343 100644
--- a/routes/login.js
+++ b/routes/login.js
@@ -42,6 +42,18 @@ router.post("/", async (req, res) => {
       });
     }
 
+    /* ================================
+       Prüfen ob User bereits eingeloggt
+    ================================= */
+
+    if (user.session_token) {
+      return res.render("index", {
+        error: "Dieser Account ist bereits eingeloggt. Bitte zuerst ausloggen.",
+        servers,
+        extraServers: [],
+      });
+    }
+
     /* ================================
        Session Token erstellen
     ================================= */
diff --git a/routes/logout.js b/routes/logout.js
new file mode 100644
index 0000000..a43a0be
--- /dev/null
+++ b/routes/logout.js
@@ -0,0 +1,28 @@
+const express = require("express");
+const router = express.Router();
+const db = require("../database/database");
+
+/* ================================
+   Logout
+================================ */
+
+router.get("/", async (req, res) => {
+  try {
+    if (req.session.user) {
+      // Session Token in DB löschen → gibt den Account frei
+      await db.query("UPDATE accounts SET session_token = NULL WHERE id = ?", [
+        req.session.user.id,
+      ]);
+    }
+
+    // Session zerstören
+    req.session.destroy(() => {
+      res.redirect("/");
+    });
+  } catch (err) {
+    console.error("Logout Fehler:", err);
+    res.redirect("/");
+  }
+});
+
+module.exports = router;