ekzyis
/
stacker.news
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Cleanup multi_auth.* cookies if no next account available

This commit is contained in:
ekzyis 2023-11-22 05:16:59 +01:00
parent c235ca3fe7
commit c480fd450b
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
pages/api/signout.js
View File

@ -32,18 +32,18 @@ export default (req, res) => {
// remove JWT pointed to by cookie pointer // remove JWT pointed to by cookie pointer
cookies.push(cookie.serialize(`multi_auth.${userId}`, '', { ...cookieOptions, expires: 0, maxAge: 0 })) cookies.push(cookie.serialize(`multi_auth.${userId}`, '', { ...cookieOptions, expires: 0, maxAge: 0 }))
// update multi_auth cookie // update multi_auth cookie and check if there are more accounts available
const oldMultiAuth = b64Decode(req.cookies.multi_auth) const oldMultiAuth = b64Decode(req.cookies.multi_auth)
const newMultiAuth = oldMultiAuth.filter(({ id }) => id !== Number(userId)) const newMultiAuth = oldMultiAuth.filter(({ id }) => id !== Number(userId))
cookies.push(cookie.serialize('multi_auth', b64Encode(newMultiAuth), { ...cookieOptions, httpOnly: false })) if (newMultiAuth.length === 0) {
// no next account available. cleanup: remove multi_auth + pointer cookie
// switch to next available account cookies.push(cookie.serialize('multi_auth', '', { ...cookieOptions, httpOnly: false, expires: 0, maxAge: 0 }))
if (!newMultiAuth.length) { cookies.push(cookie.serialize('multi_auth.user-id', '', { ...cookieOptions, httpOnly: false, expires: 0, maxAge: 0 }))
// no next account available
res.setHeader('Set-Cookie', cookies) res.setHeader('Set-Cookie', cookies)
res.status(204).end() res.status(204).end()
return return
} }
cookies.push(cookie.serialize('multi_auth', b64Encode(newMultiAuth), { ...cookieOptions, httpOnly: false }))
const newUserId = newMultiAuth[0].id const newUserId = newMultiAuth[0].id
const newUserJWT = req.cookies[`multi_auth.${newUserId}`] const newUserJWT = req.cookies[`multi_auth.${newUserId}`]