From 72799b64b9db1526c7ea79dfaa6c245042c10ad2 Mon Sep 17 00:00:00 2001
From: Vadym Samoilenko <vadymsamoilenko@oliver.agency>
Date: Mon, 23 Mar 2026 16:49:11 +0000
Subject: [PATCH] Logout: app-only signout, no Microsoft account redirect

clearCache() removes MSAL tokens locally; next visit auto-SSOs silently
if the user is still logged into Microsoft in the browser.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 frontend/src/components/layout/TopBar.tsx | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/frontend/src/components/layout/TopBar.tsx b/frontend/src/components/layout/TopBar.tsx
index a773c52..f66c76d 100644
--- a/frontend/src/components/layout/TopBar.tsx
+++ b/frontend/src/components/layout/TopBar.tsx
@@ -1,6 +1,6 @@
 import { useNavigate, useLocation } from 'react-router-dom'
+import { useMsal } from '@azure/msal-react'
 import { useAuthStore } from '../../stores/useAuthStore'
-import api from '../../api/client'
 
 const IconChevronLeft = () => (
   <svg width="13" height="13" viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2.5" strokeLinecap="round" strokeLinejoin="round">
@@ -13,17 +13,13 @@ export default function TopBar() {
   const logout = useAuthStore(s => s.logout)
   const navigate = useNavigate()
   const location = useLocation()
+  const { instance } = useMsal()
 
-  const handleLogout = async () => {
-    try {
-      const res = await api.post('/auth/logout', { redirectUri: window.location.origin + '/ac-helper/' })
-      logout()
-      if (res.data.logoutUrl) window.location.href = res.data.logoutUrl
-      else navigate('/login')
-    } catch {
-      logout()
-      navigate('/login')
-    }
+  const handleLogout = () => {
+    // App-only logout: clear local token + MSAL cache, no Microsoft account signout
+    logout()
+    instance.clearCache()
+    navigate('/')
   }
 
   const isDashboard = location.pathname === '/'