Clear scheduler auth cookies on logout
Create PR containing updated CHANGELOG.md and release packages to NPM once PR is merged / Release (push) Has been cancelled
Run i18n AI automation / Run i18n (push) Has been cancelled
Next.js Bundle Analysis / analyze (push) Has been cancelled

This commit is contained in:
2026-06-15 11:02:03 -06:00
parent 240e0a7309
commit a635be2c71
2 changed files with 51 additions and 3 deletions
@@ -0,0 +1,50 @@
import { NextResponse, type NextRequest } from "next/server";
export const dynamic = "force-dynamic";
const COOKIE_NAMES = [
"next-auth.session-token",
"__Secure-next-auth.session-token",
"next-auth.callback-url",
"__Secure-next-auth.callback-url",
"next-auth.csrf-token",
"__Secure-next-auth.csrf-token",
"next-auth.pkce.code_verifier",
"__Secure-next-auth.pkce.code_verifier",
"next-auth.state",
"__Secure-next-auth.state",
"next-auth.nonce",
"__Secure-next-auth.nonce",
];
const CHUNK_SUFFIXES = ["", ".0", ".1", ".2", ".3", ".4"];
function clearCookie(response: NextResponse, name: string, domain?: string) {
response.cookies.set(name, "", {
domain,
expires: new Date(0),
httpOnly: true,
maxAge: 0,
path: "/",
sameSite: "lax",
secure: true,
});
}
export function GET(request: NextRequest) {
const response = NextResponse.redirect(new URL("/login", request.url));
const configuredDomain = process.env.NEXTAUTH_COOKIE_DOMAIN || undefined;
for (const name of COOKIE_NAMES) {
for (const suffix of CHUNK_SUFFIXES) {
clearCookie(response, `${name}${suffix}`);
if (configuredDomain) {
clearCookie(response, `${name}${suffix}`, configuredDomain);
}
}
}
return response;
}
export { GET as POST };
@@ -1,14 +1,12 @@
"use client";
import { signOut } from "next-auth/react";
export function AuthentikLogoutButton() {
return (
<button
className="auth-primary"
type="button"
onClick={() => {
void signOut({ callbackUrl: "/login" });
window.location.assign("/api/scheduler/logout");
}}>
Sign out
</button>