From 6c0219736915157517a85c2535e93e8cd59b5839 Mon Sep 17 00:00:00 2001
From: dmolinari <dmolinari@eldia.com>
Date: Tue, 14 Apr 2026 13:28:10 -0300
Subject: [PATCH] feat(app): implement LogoutCommand handler with idempotent
 revocation

---
 .../Auth/Logout/LogoutCommand.cs              |  3 +++
 .../Auth/Logout/LogoutCommandHandler.cs       | 22 +++++++++++++++++++
 .../Auth/Logout/LogoutResponseDto.cs          |  3 +++
 3 files changed, 28 insertions(+)
 create mode 100644 src/api/SIGCM2.Application/Auth/Logout/LogoutCommand.cs
 create mode 100644 src/api/SIGCM2.Application/Auth/Logout/LogoutCommandHandler.cs
 create mode 100644 src/api/SIGCM2.Application/Auth/Logout/LogoutResponseDto.cs

diff --git a/src/api/SIGCM2.Application/Auth/Logout/LogoutCommand.cs b/src/api/SIGCM2.Application/Auth/Logout/LogoutCommand.cs
new file mode 100644
index 0000000..cb05772
--- /dev/null
+++ b/src/api/SIGCM2.Application/Auth/Logout/LogoutCommand.cs
@@ -0,0 +1,3 @@
+namespace SIGCM2.Application.Auth.Logout;
+
+public sealed record LogoutCommand(int UsuarioId);
diff --git a/src/api/SIGCM2.Application/Auth/Logout/LogoutCommandHandler.cs b/src/api/SIGCM2.Application/Auth/Logout/LogoutCommandHandler.cs
new file mode 100644
index 0000000..9103a08
--- /dev/null
+++ b/src/api/SIGCM2.Application/Auth/Logout/LogoutCommandHandler.cs
@@ -0,0 +1,22 @@
+using SIGCM2.Application.Abstractions;
+using SIGCM2.Application.Abstractions.Persistence;
+
+namespace SIGCM2.Application.Auth.Logout;
+
+public sealed class LogoutCommandHandler : ICommandHandler<LogoutCommand, LogoutResponseDto>
+{
+    private readonly IRefreshTokenRepository _refreshRepo;
+
+    public LogoutCommandHandler(IRefreshTokenRepository refreshRepo)
+    {
+        _refreshRepo = refreshRepo;
+    }
+
+    public async Task<LogoutResponseDto> Handle(LogoutCommand command)
+    {
+        // Revoke all active tokens for the user across all families.
+        // Idempotent: 0 rows affected is not an error.
+        await _refreshRepo.RevokeAllActiveForUserAsync(command.UsuarioId, DateTime.UtcNow);
+        return new LogoutResponseDto(true, "Sesión cerrada correctamente");
+    }
+}
diff --git a/src/api/SIGCM2.Application/Auth/Logout/LogoutResponseDto.cs b/src/api/SIGCM2.Application/Auth/Logout/LogoutResponseDto.cs
new file mode 100644
index 0000000..023f3dc
--- /dev/null
+++ b/src/api/SIGCM2.Application/Auth/Logout/LogoutResponseDto.cs
@@ -0,0 +1,3 @@
+namespace SIGCM2.Application.Auth.Logout;
+
+public sealed record LogoutResponseDto(bool Success, string Mensaje);