Starship/CoreID
1
0
Fork 0
Code Issues 8 Pull Requests Releases 34 Wiki Activity

Centralize logout method; delete OIDC sessions on logout

Browse Source
This commit is contained in:
Garrett Mills
2020-08-23 14:42:00 -05:00
parent d9c76e8dde
commit ff5ed6b39a
5 changed files with 34 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/api/v1/Auth.controller.js
View File

@@ -725,8 +725,7 @@ class AuthController extends Controller {
await this.activity.mfa_enable({ req })
// invalidate existing tokens and other logins
const flitter = await this.auth.get_provider('flitter')
await flitter.logout(req)
await req.user.logout(req)
await req.user.kickout()
return res.api({success: true, mfa_enabled: req.user.mfa_enabled})
@@ -747,8 +746,7 @@ class AuthController extends Controller {
await this.activity.mfa_disable({ req })
// invalidate existing login tokens and logins
const flitter = await this.auth.get_provider('flitter')
await flitter.logout(req)
await req.user.logout(req)
await req.user.kickout()
return res.api({success: true, mfa_enabled: req.user.mfa_enabled})

3
app/controllers/api/v1/Password.controller.js
View File

@@ -91,8 +91,7 @@ class PasswordController extends Controller {
if ( req.trap.has_trap() && req.trap.get_trap() === 'password_reset' ) await req.trap.end()
// invalidate existing tokens and other logins
const flitter = await this.auth.get_provider('flitter')
await flitter.logout(req)
await req.user.logout(req)
await req.user.kickout()
req.trust.unassume()
return res.api()

3
app/controllers/saml/SAML.controller.js
View File

@@ -19,7 +19,6 @@ class SAMLController extends Controller {
})(req, res, next)
}
// TODO some sort of first-logon flow
async get_sso(req, res, next) {
const index = await req.saml.participants.issue({ service_provider: req.saml_request.service_provider })
@@ -71,7 +70,7 @@ class SAMLController extends Controller {
this.output.info(`${req.T('saml.clear_idp_session')} ${req.user.uid}`)
req.saml.participants.clear().then(async () => {
if ( this.saml.config().slo.end_coreid_session ) {
await req.user.get_provider().logout(req)
await req.user.logout(req)
// show logout page
return this.Vue.auth_message(res, {