Improve logout

Daniel Ponte 2024-11-22 17:05:29 -05:00
parent 55fdeaf086
commit dc8272b15f
5 changed files with 57 additions and 21 deletions


@ -1,5 +1,5 @@
import { Router, CanActivateFn } from '@angular/router'; import { Router, CanActivateFn } from '@angular/router';
import { AuthService } from './login/auth.service' import { AuthService } from './login/auth.service';
import { inject } from '@angular/core'; import { inject } from '@angular/core';
export const AuthGuard: CanActivateFn = (route, state) => { export const AuthGuard: CanActivateFn = (route, state) => {
@ -7,16 +7,14 @@ export const AuthGuard: CanActivateFn = (route, state) => {
const authSvc: AuthService = inject(AuthService); const authSvc: AuthService = inject(AuthService);
if (sessionStorage.getItem('jwt') == null) { if (sessionStorage.getItem('jwt') == null) {
let success = false; let success = false;
authSvc.refresh() authSvc.refresh().subscribe((event) => {
.subscribe((event) => { if (event?.status == 200) {
if (event?.status == 200) { success = true;
success = true; }
} });
});
router.navigate(['/login']); router.navigate(['/login']);
return success; return success;
} else { } else {
return true; return true;
} }
}; };


@ -41,24 +41,33 @@ export class AuthService {
); );
} }
refresh(): Observable<HttpResponse<Jwt>> { logout() {
return this.http.get<Jwt>('/api/refresh', { withCredentials: true, observe: 'response' }).pipe( this.http
tap((event) => { .get('/api/logout', { withCredentials: true, observe: 'response' })
.subscribe((event) => {
if (event.status == 200) { if (event.status == 200) {
sessionStorage.setItem('jwt', event.body?.jwt.toString() ?? ''); this.loggedIn = false;
this.loggedIn = true;
} }
}), });
); sessionStorage.removeItem('jwt');
this.loggedIn = false;
this._router.navigateByUrl('/login');
}
refresh(): Observable<HttpResponse<Jwt>> {
return this.http
.get<Jwt>('/api/refresh', { withCredentials: true, observe: 'response' })
.pipe(
tap((event) => {
if (event.status == 200) {
sessionStorage.setItem('jwt', event.body?.jwt.toString() ?? '');
this.loggedIn = true;
}
}),
);
} }
getToken(): string | null { getToken(): string | null {
return sessionStorage.getItem('jwt'); return sessionStorage.getItem('jwt');
} }
logout() {
sessionStorage.removeItem('jwt');
this.loggedIn = false;
this._router.navigateByUrl('/login');
}
} }
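Review bot: The new `logout()` has no error path for the `/api/logout` request, so when that call fails the local state is still cleared while the server-side cookie stays in place. Because `AuthGuard` calls `refresh()` with `withCredentials` whenever `sessionStorage` holds no `jwt`, a surviving cookie could presumably restore the session after the user believes they have signed out. Pass an observer with an error handler, e.g. `.subscribe({ next: () => {}, error: (err) => console.error('logout failed', err) })`, and surface the failure to the user. The `this.loggedIn = false` inside the callback is redundant with the unconditional assignment below it.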


@ -5,5 +5,6 @@ import (
) )
const Prefix = "admin/dist/admin/browser" const Prefix = "admin/dist/admin/browser"
//go:embed admin/dist/admin/browser //go:embed admin/dist/admin/browser
var Client embed.FS var Client embed.FS


@ -77,6 +77,7 @@ func (a *Auth) PublicRoutes(r chi.Router) {
func (a *Auth) PrivateRoutes(r chi.Router) { func (a *Auth) PrivateRoutes(r chi.Router) {
r.Get("/api/refresh", a.routeRefresh) r.Get("/api/refresh", a.routeRefresh)
r.Get("/api/logout", a.routeLogout)
} }
//go:embed login.html //go:embed login.html
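Review bot: `/api/logout` is registered with `r.Get`, so a state-changing action is reachable by a plain GET, which link prefetchers, cross-site navigations or embedded resources can trigger without the user's intent. Register it as `r.Post("/api/logout", a.routeLogout)` and have the client call `this.http.post('/api/logout', null, { withCredentials: true, observe: 'response' })`. Whether the login cookie's SameSite setting already limits cross-site requests is not visible in this hunk.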


@ -237,3 +237,30 @@ func (a *Auth) routeAuth(w http.ResponseWriter, r *http.Request) {
render.JSON(w, r, &jr) render.JSON(w, r, &jr)
} }
func (a *Auth) routeLogout(w http.ResponseWriter, r *http.Request) {
cookie := &http.Cookie{
Name: "jwt",
Value: "",
HttpOnly: true,
Secure: true,
Expires: time.Time{},
}
if a.allowInsecureCookie(r) {
cookie.Secure = false
cookie.SameSite = http.SameSiteLaxMode
} else {
cookie.Domain = a.cfg.Domain
}
http.SetCookie(w, cookie)
jr := struct {
Message string `json:"message"`
}{
Message: "logged out",
}
render.JSON(w, r, &jr)
}
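Review bot: `Expires: time.Time{}` in `routeLogout` does not expire the cookie: net/http omits the Expires attribute for the zero time and omits Max-Age when `MaxAge` is 0, so the browser stores an empty `jwt` session cookie instead of deleting it. Add `MaxAge: -1,` (emitted as `Max-Age=0`) so the cookie is removed. No `Path` is set either; a browser only replaces a cookie whose name, domain and path match, so if the login handler (outside this hunk) sets a `Path`, the same value is needed here or the original token cookie stays. The handler also does not appear to invalidate the token server-side, so a token copied before logout would presumably remain usable until it expires.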