From fd82601917adcd9f8c38263953eb1ef098b26b7f Mon Sep 17 00:00:00 2001
From: Kang Ming <kang.ming1996@gmail.com>
Date: Fri, 13 Dec 2024 17:24:21 +0800
Subject: [PATCH] fix: check if session is nil (#1873)

## What kind of change does this PR introduce?
* Log a message if the session is nil
---
 internal/api/logout.go | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/internal/api/logout.go b/internal/api/logout.go
index a2c31a312..8afec6ae4 100644
--- a/internal/api/logout.go
+++ b/internal/api/logout.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"net/http"
 
+	"github.com/sirupsen/logrus"
 	"github.com/supabase/auth/internal/models"
 	"github.com/supabase/auth/internal/storage"
 )
@@ -46,13 +47,17 @@ func (a *API) Logout(w http.ResponseWriter, r *http.Request) error {
 			return terr
 		}
 
-		//exhaustive:ignore Default case is handled below.
-		switch scope {
-		case LogoutLocal:
-			return models.LogoutSession(tx, s.ID)
-
-		case LogoutOthers:
-			return models.LogoutAllExceptMe(tx, s.ID, u.ID)
+		if s == nil {
+			logrus.Infof("user has an empty session_id claim: %s", u.ID)
+		} else {
+			//exhaustive:ignore Default case is handled below.
+			switch scope {
+			case LogoutLocal:
+				return models.LogoutSession(tx, s.ID)
+
+			case LogoutOthers:
+				return models.LogoutAllExceptMe(tx, s.ID, u.ID)
+			}
 		}
 
 		// default mode, log out everywhere