alma/Neah
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

session correction logout 3 rest 2

Browse Source
This commit is contained in:
alma 2025-04-18 14:07:40 +02:00
parent 0f3818bb99
commit 4cb1e1119e
3 changed files with 15 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
app/api/auth/[...nextauth]/route.ts
View File

@ -1,29 +1,12 @@
import NextAuth, { NextAuthOptions } from "next-auth"; import NextAuth, { NextAuthOptions } from "next-auth";
import KeycloakProvider from "next-auth/providers/keycloak"; import KeycloakProvider from "next-auth/providers/keycloak";
import { prisma } from '@/lib/prisma'; import { prisma } from '@/lib/prisma';
import { ExtendedJWT, ExtendedSession, ServiceToken, invalidateServiceTokens, clearAllCookies } from '@/lib/session'; import { ExtendedJWT, ExtendedSession, ServiceToken, invalidateServiceTokens } from '@/lib/session';
import { Session } from "next-auth"; import { Session } from "next-auth";
declare module "next-auth" { declare module "next-auth" {
interface Session extends ExtendedSession {} interface Session extends ExtendedSession {}
interface JWT { interface JWT extends ExtendedJWT {}
accessToken?: string;
refreshToken?: string;
accessTokenExpires?: number;
role?: string[];
username?: string;
first_name?: string;
last_name?: string;
name?: string | null;
email?: string | null;
serviceTokens: {
rocketChat?: ServiceToken;
leantime?: ServiceToken;
calendar?: ServiceToken;
mail?: ServiceToken;
[key: string]: ServiceToken | undefined;
};
}
} }
function getRequiredEnvVar(name: string): string { function getRequiredEnvVar(name: string): string {
@ -55,7 +38,7 @@ export const authOptions: NextAuthOptions = {
], ],
session: { session: {
strategy: "jwt", strategy: "jwt",
maxAge: 8 * 60 * 60, // 8 hours maxAge: 24 * 60 * 60, // 1 day
}, },
cookies: { cookies: {
sessionToken: { sessionToken: {
@ -67,7 +50,7 @@ export const authOptions: NextAuthOptions = {
sameSite: 'lax', sameSite: 'lax',
path: '/', path: '/',
secure: process.env.NODE_ENV === 'production', secure: process.env.NODE_ENV === 'production',
maxAge: 8 * 60 * 60 // 8 hours maxAge: 24 * 60 * 60 // 1 day
} }
}, },
callbackUrl: { callbackUrl: {
@ -79,7 +62,7 @@ export const authOptions: NextAuthOptions = {
sameSite: 'lax', sameSite: 'lax',
path: '/', path: '/',
secure: process.env.NODE_ENV === 'production', secure: process.env.NODE_ENV === 'production',
maxAge: 8 * 60 * 60 // 8 hours maxAge: 24 * 60 * 60 // 1 day
} }
}, },
csrfToken: { csrfToken: {
@ -91,7 +74,7 @@ export const authOptions: NextAuthOptions = {
sameSite: 'lax', sameSite: 'lax',
path: '/', path: '/',
secure: process.env.NODE_ENV === 'production', secure: process.env.NODE_ENV === 'production',
maxAge: 8 * 60 * 60 // 8 hours maxAge: 24 * 60 * 60 // 1 day
} }
} }
}, },
@ -103,7 +86,6 @@ export const authOptions: NextAuthOptions = {
} }
try { try {
// Create or update user in local database
await prisma.user.upsert({ await prisma.user.upsert({
where: { id: user.id }, where: { id: user.id },
update: { update: {
@ -177,20 +159,14 @@ export const authOptions: NextAuthOptions = {
accessToken: extendedToken.accessToken ?? '', accessToken: extendedToken.accessToken ?? '',
refreshToken: extendedToken.refreshToken, refreshToken: extendedToken.refreshToken,
serviceTokens: extendedToken.serviceTokens ?? {}, serviceTokens: extendedToken.serviceTokens ?? {},
expires: new Date(Date.now()).toISOString(), // Expire immediately expires: new Date(Date.now() + 24 * 60 * 60 * 1000).toISOString(),
} as ExtendedSession); } as ExtendedSession);
// Force clear all cookies on signout
if (typeof window !== 'undefined') {
clearAllCookies();
}
} }
} }
}, },
pages: { pages: {
signIn: '/signin', signIn: '/signin',
error: '/signin', error: '/signin',
signOut: '/signin', // Redirect to signin after signout
}, },
debug: process.env.NODE_ENV === 'development', debug: process.env.NODE_ENV === 'development',
}; };

6
components/auth/signout-handler.tsx
View File

@ -2,13 +2,13 @@
import { useEffect } from "react"; import { useEffect } from "react";
import { signOut } from "next-auth/react"; import { signOut } from "next-auth/react";
import { clearAllCookies } from "@/lib/session"; import { clearAuthCookies } from "@/lib/session";
export function SignOutHandler() { export function SignOutHandler() {
useEffect(() => { useEffect(() => {
const handleSignOut = async () => { const handleSignOut = async () => {
// Clear all cookies first // Clear only auth-related cookies
clearAllCookies(); clearAuthCookies();
// Then sign out from NextAuth // Then sign out from NextAuth
await signOut({ await signOut({

7
lib/session.ts
View File

@ -90,10 +90,13 @@ export async function invalidateServiceTokens(session: ExtendedSession) {
await Promise.all(invalidatePromises); await Promise.all(invalidatePromises);
} }
export function clearAllCookies() { export function clearAuthCookies() {
const cookies = document.cookie.split(';'); const cookies = document.cookie.split(';');
for (const cookie of cookies) { for (const cookie of cookies) {
const [name] = cookie.split('='); const [name] = cookie.split('=');
document.cookie = `${name.trim()}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;`; // Only clear auth-related cookies
if (name.trim().startsWith('next-auth.') || name.trim().startsWith('__Secure-next-auth.') || name.trim().startsWith('__Host-next-auth.')) {
document.cookie = `${name.trim()}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;`;
}
} }
} }