session correction logout 3 rest 2
parent
0f3818bb99
commit
4cb1e1119e
@ -1,29 +1,12 @@
|
||||
import NextAuth, { NextAuthOptions } from "next-auth";
|
||||
import KeycloakProvider from "next-auth/providers/keycloak";
|
||||
import { prisma } from '@/lib/prisma';
|
||||
import { ExtendedJWT, ExtendedSession, ServiceToken, invalidateServiceTokens, clearAllCookies } from '@/lib/session';
|
||||
import { ExtendedJWT, ExtendedSession, ServiceToken, invalidateServiceTokens } from '@/lib/session';
|
||||
import { Session } from "next-auth";
|
||||
|
||||
declare module "next-auth" {
|
||||
interface Session extends ExtendedSession {}
|
||||
interface JWT {
|
||||
accessToken?: string;
|
||||
refreshToken?: string;
|
||||
accessTokenExpires?: number;
|
||||
role?: string[];
|
||||
username?: string;
|
||||
first_name?: string;
|
||||
last_name?: string;
|
||||
name?: string | null;
|
||||
email?: string | null;
|
||||
serviceTokens: {
|
||||
rocketChat?: ServiceToken;
|
||||
leantime?: ServiceToken;
|
||||
calendar?: ServiceToken;
|
||||
mail?: ServiceToken;
|
||||
[key: string]: ServiceToken | undefined;
|
||||
};
|
||||
}
|
||||
interface JWT extends ExtendedJWT {}
|
||||
}
|
||||
|
||||
function getRequiredEnvVar(name: string): string {
|
||||
@ -55,7 +38,7 @@ export const authOptions: NextAuthOptions = {
|
||||
],
|
||||
session: {
|
||||
strategy: "jwt",
|
||||
maxAge: 8 * 60 * 60, // 8 hours
|
||||
maxAge: 24 * 60 * 60, // 1 day
|
||||
},
|
||||
cookies: {
|
||||
sessionToken: {
|
||||
@ -67,7 +50,7 @@ export const authOptions: NextAuthOptions = {
|
||||
sameSite: 'lax',
|
||||
path: '/',
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
maxAge: 8 * 60 * 60 // 8 hours
|
||||
maxAge: 24 * 60 * 60 // 1 day
|
||||
}
|
||||
},
|
||||
callbackUrl: {
|
||||
@ -79,7 +62,7 @@ export const authOptions: NextAuthOptions = {
|
||||
sameSite: 'lax',
|
||||
path: '/',
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
maxAge: 8 * 60 * 60 // 8 hours
|
||||
maxAge: 24 * 60 * 60 // 1 day
|
||||
}
|
||||
},
|
||||
csrfToken: {
|
||||
@ -91,7 +74,7 @@ export const authOptions: NextAuthOptions = {
|
||||
sameSite: 'lax',
|
||||
path: '/',
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
maxAge: 8 * 60 * 60 // 8 hours
|
||||
maxAge: 24 * 60 * 60 // 1 day
|
||||
}
|
||||
}
|
||||
},
|
||||
@ -103,7 +86,6 @@ export const authOptions: NextAuthOptions = {
|
||||
}
|
||||
|
||||
try {
|
||||
// Create or update user in local database
|
||||
await prisma.user.upsert({
|
||||
where: { id: user.id },
|
||||
update: {
|
||||
@ -177,20 +159,14 @@ export const authOptions: NextAuthOptions = {
|
||||
accessToken: extendedToken.accessToken ?? '',
|
||||
refreshToken: extendedToken.refreshToken,
|
||||
serviceTokens: extendedToken.serviceTokens ?? {},
|
||||
expires: new Date(Date.now()).toISOString(), // Expire immediately
|
||||
expires: new Date(Date.now() + 24 * 60 * 60 * 1000).toISOString(),
|
||||
} as ExtendedSession);
|
||||
|
||||
// Force clear all cookies on signout
|
||||
if (typeof window !== 'undefined') {
|
||||
clearAllCookies();
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
pages: {
|
||||
signIn: '/signin',
|
||||
error: '/signin',
|
||||
signOut: '/signin', // Redirect to signin after signout
|
||||
},
|
||||
debug: process.env.NODE_ENV === 'development',
|
||||
};
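Review bot: The session lifetime is written out as a literal in five places in this file section: `maxAge: 24 * 60 * 60` under `session` and under the `sessionToken`, `callbackUrl` and `csrfToken` cookies, and `24 * 60 * 60 * 1000` in the `expires` field of the sign-out session object. A single `const SESSION_MAX_AGE_SECONDS = 24 * 60 * 60;` next to `getRequiredEnvVar` would keep them from drifting apart. Because the JWT in that cookie carries `accessToken`, `refreshToken` and `serviceTokens`, the constant deserves a comment stating that the longer window is intended and how it relates to the identity provider's own session limit, which is not visible here. The `expires` value on the sign-out object now describes a session that is being ended as valid for another day; if anything downstream reads that field (the consumer is outside the hunk), an already-elapsed timestamp is the safer value.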
|
||||
|
||||
@ -2,13 +2,13 @@
|
||||
|
||||
import { useEffect } from "react";
|
||||
import { signOut } from "next-auth/react";
|
||||
import { clearAllCookies } from "@/lib/session";
|
||||
import { clearAuthCookies } from "@/lib/session";
|
||||
|
||||
export function SignOutHandler() {
|
||||
useEffect(() => {
|
||||
const handleSignOut = async () => {
|
||||
// Clear all cookies first
|
||||
clearAllCookies();
|
||||
// Clear only auth-related cookies
|
||||
clearAuthCookies();
|
||||
|
||||
// Then sign out from NextAuth
|
||||
await signOut({
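Review bot: `clearAuthCookies()` runs before `await signOut(`, so any session cookie it manages to delete is gone before the sign-out request is sent. The server-side sign-out handling in the auth options builds its session object from the token's `accessToken`, `refreshToken` and `serviceTokens`, which presumably feeds `invalidateServiceTokens`; without the cookie that token may not be available and the service tokens would stay valid. If the session cookie is HttpOnly (the cookie options above `sameSite` are outside the visible hunks), the call cannot touch it at all and the comment `// Clear only auth-related cookies` overstates what happens. Either way I would let `signOut` remove the cookies and, if a client-side sweep is still wanted, run it after the request completes. The rest of `handleSignOut` is outside the hunk, so whether code after the `await` runs depends on the redirect option there.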
|
||||
|
||||
@ -90,10 +90,13 @@ export async function invalidateServiceTokens(session: ExtendedSession) {
|
||||
await Promise.all(invalidatePromises);
|
||||
}
|
||||
|
||||
export function clearAllCookies() {
|
||||
export function clearAuthCookies() {
|
||||
const cookies = document.cookie.split(';');
|
||||
for (const cookie of cookies) {
|
||||
const [name] = cookie.split('=');
|
||||
document.cookie = `${name.trim()}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;`;
|
||||
// Only clear auth-related cookies
|
||||
if (name.trim().startsWith('next-auth.') || name.trim().startsWith('__Secure-next-auth.') || name.trim().startsWith('__Host-next-auth.')) {
|
||||
document.cookie = `${name.trim()}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;`;
|
||||
}
|
||||
}
|
||||
}
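Review bot: The expiry write in `clearAuthCookies` omits the `Secure` attribute, and browsers reject any write to a `__Secure-` or `__Host-` prefixed cookie that lacks it, so for those two prefixes the assignment is silently ignored and the cookie survives. For names with those prefixes the string should end in `path=/; Secure`. Cookies flagged HttpOnly never appear in `document.cookie`, so a doc comment on the function should say that it only removes script-readable NextAuth cookies and is not a replacement for server-side sign-out. `name.trim()` is also evaluated four times per cookie; a local `const cookieName = name.trim();` would read better.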
|
||||