from django.contrib.auth import logout
from django.http import JsonResponse
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_POST

@csrf_exempt
@require_POST
def api_logout(request):
    """
    Handles logout using the request object only.
    """
    try:
        # Clear Django session
        if request.user.is_authenticated:
            logout(request)  # Logs out the Django user

        # Clear any additional session data (e.g., third-party session ID)
        third_party_session_id = request.session.pop('third_party_session_id', None)
        if third_party_session_id:
            # Perform any required third-party logout operations
            print(f"Third-party session cleared: {third_party_session_id}")

        return JsonResponse({'message': 'Logout successful'}, status=200)

    except Exception as e:
        return JsonResponse({'error': str(e)}, status=500)