From 239bc6780abef401a6fd710d75b98eeee918866f Mon Sep 17 00:00:00 2001
From: Kayne Ruse <kayneruse@gmail.com>
Date: Sun, 31 Jan 2021 15:44:02 +1100
Subject: [PATCH] BUGFIX: cleared admin cookie on logout

---
 server/accounts/logout.js | 1 +
 server/admin/banned.js    | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/server/accounts/logout.js b/server/accounts/logout.js
index 935b2e6..92f0cd5 100644
--- a/server/accounts/logout.js
+++ b/server/accounts/logout.js
@@ -2,6 +2,7 @@ const route = (req, res) => {
 	//clear cookies and stored data
 	req.session.account = null;
 	res.clearCookie('loggedin');
+	res.clearCookie('admin');
 
 	return res.status(200).end();
 };
diff --git a/server/admin/banned.js b/server/admin/banned.js
index 4d8d955..ab314d7 100644
--- a/server/admin/banned.js
+++ b/server/admin/banned.js
@@ -2,6 +2,7 @@ const { Op } = require('sequelize');
 const { bannedEmails, accounts } = require('../database/models');
 
 const route = async (req, res) => {
+	//TODO: move to middleware
 	//make sure the account is an admin
 	if (req.cookies['admin'] !== process.env.SESSION_ADMIN) {
 		return res.status(401).send('invalid admin status');
@@ -33,7 +34,7 @@ const route = async (req, res) => {
 		.catch(e => console.error(e))
 	;
 
-	res.status(200).json(data);
+	return res.status(200).json(data);
 };
 
 module.exports = route;
\ No newline at end of file