feat(app): implement LogoutCommand handler with idempotent revocation

src/api/SIGCM2.Application/Auth/Logout/LogoutCommand.cs

@@ -0,0 +1,3 @@
+namespace SIGCM2.Application.Auth.Logout;
+
+public sealed record LogoutCommand(int UsuarioId);

src/api/SIGCM2.Application/Auth/Logout/LogoutCommandHandler.cs

@@ -0,0 +1,22 @@
+using SIGCM2.Application.Abstractions;
+using SIGCM2.Application.Abstractions.Persistence;
+
+namespace SIGCM2.Application.Auth.Logout;
+
+public sealed class LogoutCommandHandler : ICommandHandler<LogoutCommand, LogoutResponseDto>
+{
+    private readonly IRefreshTokenRepository _refreshRepo;
+
+    public LogoutCommandHandler(IRefreshTokenRepository refreshRepo)
+    {
+        _refreshRepo = refreshRepo;
+    }
+
+    public async Task<LogoutResponseDto> Handle(LogoutCommand command)
+    {
+        // Revoke all active tokens for the user across all families.
+        // Idempotent: 0 rows affected is not an error.
+        await _refreshRepo.RevokeAllActiveForUserAsync(command.UsuarioId, DateTime.UtcNow);
+        return new LogoutResponseDto(true, "Sesión cerrada correctamente");
+    }
+}

src/api/SIGCM2.Application/Auth/Logout/LogoutResponseDto.cs

@@ -0,0 +1,3 @@
+namespace SIGCM2.Application.Auth.Logout;
+
+public sealed record LogoutResponseDto(bool Success, string Mensaje);