//! `pic logout` — revoke the saved session server-side, then wipe the
//! local credentials file.
//!
//! Idempotent: if the file doesn't exist or the server already forgot
//! the session, we still succeed. The point is leaving the user in a
//! clean "no token" state, not enforcing that a session existed.

use anyhow::Result;

use crate::client::Client;
use crate::config;

pub async fn run() -> Result<()> {
    // Load before delete so we have a token to POST /logout with; if
    // there's no creds file there's also nothing to revoke server-side.
    let creds = config::load().ok();

    if let Some(creds) = creds {
        let client = Client::from_creds(&creds)?;
        // Best-effort: a 4xx (token already invalid) or network error
        // shouldn't block the local wipe. The whole point of logout is
        // leaving no credentials on disk.
        let _ = client.auth_logout().await;
    }

    config::delete()?;
    println!("Logged out");
    Ok(())
}