Alex/GoMembership
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

frontend fix: Cookie passthrough

Browse Source
This commit is contained in:
$(pass /github/name)
2024-09-20 08:39:47 +02:00
parent 43a039ae91
commit e0cc893493
2 changed files with 25 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
frontend/src/routes/auth/logout/+page.server.js
View File

@@ -5,7 +5,7 @@ import { fail, redirect } from "@sveltejs/kit";
export async function load({ locals }) {
// redirect user if not logged in
if (!locals.user) {
throw redirect(302, `/auth/login?next=/auth/logout`);
throw redirect(302, `/auth/login?next=/`);
}
}
@@ -34,9 +34,24 @@ export const actions = {
return fail(400, { errors: errors });
}
// The server should clear the cookie, so we don't need to handle it here
// eat the cookie
cookies.delete("jwt", { path: "/" });
// The server should clear the cookie, so we don't need to handle it here
// Just check if the cookie is cleared in the response
const setCookieHeader = res.headers.get("set-cookie");
if (!setCookieHeader || !setCookieHeader.includes("jwt=;")) {
console.error("JWT cookie not cleared in response");
return fail(500, {
errors: [
{
error: "Server error: Failed to clear authentication token",
id: Date.now(),
},
],
});
}
// redirect the user
throw redirect(302, "/auth/login");
},