refactor(auth): consolidate logout logic and state cleanup

- Clears TanStack Query cache and cancels pending queries to prevent data leaks.
- Ensures Intercom messenger is hidden and shut down on logout.
- Resets organization state and removes associated data from local storage.
- Enhances the logout function to support dependency injection for better testability.
- Updates the logout page to use the centralized cleanup logic.

Author: niemyjski

src/Exceptionless.Web/ClientApp/src/lib/features/auth/api.svelte.ts

@@ -1,7 +1,9 @@
 import { env } from '$env/dynamic/public';
 import { getIntercomTokenSessionKey, intercomTokenRefreshIntervalMs } from '$features/intercom/config';
+import { organization } from '$features/organizations/context.svelte';
 import { ProblemDetails, useFetchClient } from '@exceptionless/fetchclient';
-import { createQuery } from '@tanstack/svelte-query';
+import { hide as hideIntercom, shutdown as shutdownIntercom } from '@intercom/messenger-js-sdk';
+import { createQuery, type QueryClient } from '@tanstack/svelte-query';
 
 import type { Login, TokenResult } from './models';
 
@@ -93,10 +95,23 @@ export async function login(email: string, password: string) {
     return response;
 }
 
-export async function logout() {
-    const client = useFetchClient();
-    await client.get('auth/logout', { expectedStatusCodes: [200, 401] });
-    accessToken.current = '';
+export async function logout(queryClient?: QueryClient, client = useFetchClient()) {
+    await client.get('auth/logout', { expectedStatusCodes: [200, 401, 403] });
+
+    await queryClient?.cancelQueries();
+    queryClient?.clear();
+
+    if (typeof window !== 'undefined' && 'Intercom' in window && typeof window.Intercom === 'function') {
+        hideIntercom();
+        shutdownIntercom();
+    }
+
+    organization.current = undefined;
+    if (typeof localStorage !== 'undefined') {
+        localStorage.removeItem('organization');
+    }
+
+    accessToken.current = null;
 }
 
 export async function resetPassword(passwordResetToken: string, password: string) {

src/Exceptionless.Web/ClientApp/src/lib/features/auth/api.test.ts

@@ -0,0 +1,28 @@
+import { FetchClient } from '@exceptionless/fetchclient';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+import { logout } from './api.svelte';
+
+describe('logout', () => {
+    beforeEach(() => {
+        // Mock localStorage for server-side tests
+        Object.defineProperty(globalThis, 'localStorage', {
+            configurable: true,
+            value: {
+                removeItem: vi.fn()
+            },
+            writable: true
+        });
+    });
+
+    it('uses the provided client instance for the logout request', async () => {
+        const mockClient = {
+            get: vi.fn().mockResolvedValue({ ok: true, status: 200 }),
+            isLoading: false
+        } as unknown as FetchClient;
+
+        await logout(undefined, mockClient);
+
+        expect(mockClient.get).toHaveBeenCalledWith('auth/logout', { expectedStatusCodes: [200, 401, 403] });
+    });
+});

src/Exceptionless.Web/ClientApp/src/routes/(auth)/logout/+page.svelte

@@ -9,8 +9,9 @@
     import { accessToken, logout } from '$features/auth/index.svelte';
     import { useFetchClientStatus } from '$shared/api/api.svelte';
     import { useFetchClient } from '@exceptionless/fetchclient';
+    import { useQueryClient } from '@tanstack/svelte-query';
 
-    let isAuthenticated = $derived(accessToken.current !== null);
+    let isAuthenticated = $derived(!!accessToken.current);
 
     $effect(() => {
         if (!isAuthenticated) {
@@ -20,25 +21,23 @@
 
     const client = useFetchClient();
     const clientStatus = useFetchClientStatus(client);
+    const queryClient = useQueryClient();
 
     let message = $state<string>();
-    async function onLogout() {
+    async function onLogout(event: SubmitEvent) {
+        event.preventDefault();
+
         if (client.isLoading) {
             return;
         }
 
-        const response = await client.get('auth/logout');
-        if (response.ok) {
-            await logout();
-            await goto(resolve('/(auth)/login'));
-        } else {
-            message = 'An error occurred while logging out, please try again.';
-        }
+        await logout(queryClient, client);
+        await goto(resolve('/(auth)/login'));
     }
 </script>
 
 <Card.Root class="mx-auto w-sm">
-    <Card.Header class="min-w-[382px]">
+    <Card.Header class="min-w-95.5">
         <Logo />
     </Card.Header>
     <Card.Content>