From 34ec42d134cc53ce57bf63391ca9985cb494b439 Mon Sep 17 00:00:00 2001
From: jingrow <support@jingrow.com>
Date: Sun, 23 Nov 2025 02:28:26 +0800
Subject: [PATCH] Fix logout cookie deletion: remove unsupported max_age
 parameter

---
 apps/jingrow/jingrow/api/auth_api.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/apps/jingrow/jingrow/api/auth_api.py b/apps/jingrow/jingrow/api/auth_api.py
index 2bc9f77..bbd8121 100644
--- a/apps/jingrow/jingrow/api/auth_api.py
+++ b/apps/jingrow/jingrow/api/auth_api.py
@@ -78,9 +78,13 @@ def create_response_clear_cookies(data: dict) -> JSONResponse:
     """创建响应并清除所有相关cookie"""
     response = JSONResponse(content=data)
     for cookie_name in COOKIES_TO_CLEAR:
-        cookie_kwargs = COOKIE_CONFIG.copy()
-        if cookie_name == "sid":
-            cookie_kwargs.pop("secure", None)
+        cookie_kwargs = {
+            "path": COOKIE_CONFIG.get("path", "/"),
+            "samesite": COOKIE_CONFIG.get("samesite", "lax"),
+            "httponly": COOKIE_CONFIG.get("httponly", True)
+        }
+        if COOKIE_CONFIG.get("secure"):
+            cookie_kwargs["secure"] = True
         response.delete_cookie(key=cookie_name, **cookie_kwargs)
     return response