Clear scheduler auth cookies on logout
@@ -0,0 +1,50 @@
|
||||
import { NextResponse, type NextRequest } from "next/server";
|
||||
|
||||
export const dynamic = "force-dynamic";
|
||||
|
||||
const COOKIE_NAMES = [
|
||||
"next-auth.session-token",
|
||||
"__Secure-next-auth.session-token",
|
||||
"next-auth.callback-url",
|
||||
"__Secure-next-auth.callback-url",
|
||||
"next-auth.csrf-token",
|
||||
"__Secure-next-auth.csrf-token",
|
||||
"next-auth.pkce.code_verifier",
|
||||
"__Secure-next-auth.pkce.code_verifier",
|
||||
"next-auth.state",
|
||||
"__Secure-next-auth.state",
|
||||
"next-auth.nonce",
|
||||
"__Secure-next-auth.nonce",
|
||||
];
|
||||
|
||||
const CHUNK_SUFFIXES = ["", ".0", ".1", ".2", ".3", ".4"];
|
||||
|
||||
function clearCookie(response: NextResponse, name: string, domain?: string) {
|
||||
response.cookies.set(name, "", {
|
||||
domain,
|
||||
expires: new Date(0),
|
||||
httpOnly: true,
|
||||
maxAge: 0,
|
||||
path: "/",
|
||||
sameSite: "lax",
|
||||
secure: true,
|
||||
});
|
||||
}
|
||||
|
||||
export function GET(request: NextRequest) {
|
||||
const response = NextResponse.redirect(new URL("/login", request.url));
|
||||
const configuredDomain = process.env.NEXTAUTH_COOKIE_DOMAIN || undefined;
|
||||
|
||||
for (const name of COOKIE_NAMES) {
|
||||
for (const suffix of CHUNK_SUFFIXES) {
|
||||
clearCookie(response, `${name}${suffix}`);
|
||||
if (configuredDomain) {
|
||||
clearCookie(response, `${name}${suffix}`, configuredDomain);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return response;
|
||||
}
|
||||
|
||||
export { GET as POST };
|
||||
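Review bot: The fixed `COOKIE_NAMES` × `CHUNK_SUFFIXES` grid in `GET` both over-sends and under-covers. It emits 72 expiring `Set-Cookie` headers per logout (144 when `NEXTAUTH_COOKIE_DOMAIN` is set), which may exceed a reverse proxy's response-header buffer, yet it misses any session chunk past `.4` and, unless this project renames its cookies, NextAuth v4's default secure CSRF cookie `__Host-next-auth.csrf-token`. Expiring only the auth cookies the request actually carried, as sketched below, covers every chunk index with a handful of headers; a `__Host-` cookie has to be cleared without a `Domain` attribute. Separately, `export { GET as POST }` leaves logout reachable by a plain GET, so any page that makes the browser fetch that URL can sign the user out; exposing only `POST` would avoid that.

```typescript
export function GET(request: NextRequest) {
  // … unchanged: redirect response and configuredDomain …

  // Expire only the auth cookies the browser actually sent, whatever their chunk index.
  const sentAuthCookies = request.cookies
    .getAll()
    .map((cookie) => cookie.name)
    .filter((name) => /^(__Secure-|__Host-)?next-auth\./.test(name));

  for (const name of sentAuthCookies) {
    clearCookie(response, name);
    // A __Host- cookie cannot carry a Domain attribute, so skip the domain variant for it.
    if (configuredDomain && !name.startsWith("__Host-")) {
      clearCookie(response, name, configuredDomain);
    }
  }

  return response;
}
```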
@@ -1,14 +1,12 @@
|
||||
"use client";
|
||||
|
||||
import { signOut } from "next-auth/react";
|
||||
|
||||
export function AuthentikLogoutButton() {
|
||||
return (
|
||||
<button
|
||||
className="auth-primary"
|
||||
type="button"
|
||||
onClick={() => {
|
||||
void signOut({ callbackUrl: "/login" });
|
||||
window.location.assign("/api/scheduler/logout");
|
||||
}}>
|
||||
Sign out
|
||||
</button>
|
||||
|
||||
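Review bot: Assuming `window.location.assign("/api/scheduler/logout")` is the new side and the `signOut` call and import are removed (the page has lost its +/- markers), logout now only expires cookies in the browser and nothing ends the session server-side. If the app uses database sessions, the session record is no longer deleted, so a copied session token would stay usable until it expires. If the Authentik session is still alive, `/login` may also sign the user straight back in; that is inferred from the component name and worth confirming. Consider keeping the NextAuth sign-out and navigating afterwards: make the handler `async`, then `await signOut({ redirect: false });` followed by `window.location.assign("/api/scheduler/logout");`. The component's closing lines fall outside this hunk.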