feat: add server logout handler (#5)

juni0r · Tahul · web-flow · commit a88cb5b190c5 · 2023-11-23T21:52:51.000+01:00
Co-authored-by: Yaël Guilloux &lt;yael.guilloux@gmail.com&gt;
diff --git a/src/module.ts b/src/module.ts
@@ -447,6 +447,10 @@ export default defineNuxtModule<ModuleOptions>({
         handler: resolveLocal('./runtime/api/auth/login'),
         route: '/api/auth/login',
       })
+      addServerHandler({
+        handler: resolveLocal('./runtime/api/auth/logout'),
+        route: '/api/auth/logout',
+      })
       addServerHandler({
         handler: resolveLocal('./runtime/api/auth/verify'),
         route: '/api/auth/verify',
diff --git a/src/runtime/api/auth/login.ts b/src/runtime/api/auth/login.ts
@@ -1,4 +1,4 @@
-import { H3Error, defineEventHandler, readBody, setHeaders } from 'h3'
+import { H3Error, defineEventHandler, readBody, setCookie, setHeaders } from 'h3'
 import { useEdgeDbEnv, useEdgeDbPKCE } from '../../server'
 
 export default defineEventHandler(async (req) => {
@@ -50,8 +50,11 @@ export default defineEventHandler(async (req) => {
 
   const tokenResponseData = await tokenResponse.json()
 
-  setHeaders(req, {
-    'Set-Cookie': `edgedb-auth-token=${tokenResponseData.auth_token}; HttpOnly; Path=/; Secure; SameSite=Strict`,
+  setCookie(req, 'edgedb-auth-token', tokenResponseData.auth_token, {
+    httpOnly: true,
+    path: '/',
+    secure: true,
+    sameSite: true,
   })
 
   return tokenResponseData
diff --git a/src/runtime/api/auth/logout.ts b/src/runtime/api/auth/logout.ts
@@ -0,0 +1,18 @@
+import { H3Error, defineEventHandler, getCookie, setCookie } from 'h3'
+
+export default defineEventHandler(async (event) => {
+  const authToken = getCookie(event, 'edgedb-auth-token')
+  if (!authToken) {
+    const err = new H3Error('Not logged in')
+    err.statusCode = 401
+    return err
+  }
+
+  setCookie(event, 'edgedb-auth-token', '', {
+    httpOnly: true,
+    path: '/',
+    secure: true,
+    sameSite: true,
+    expires: new Date(0)
+  })
+})
diff --git a/src/runtime/plugin/edgedb-auth.ts b/src/runtime/plugin/edgedb-auth.ts
@@ -20,7 +20,7 @@ export default defineNuxtPlugin(async (nuxtApp) => {
   }
 
   const logout = async (redirectTo: string) => {
-    cookie.value = undefined
+    await $fetch('/api/auth/logout')
     identity.value = undefined
     if (redirectTo)
       await navigateTo(redirectTo)

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ export default defineNuxtPlugin(async (nuxtApp) => {`
`20`	`20`	`}`
`21`	`21`
`22`	`22`	`const logout = async (redirectTo: string) => {`
`23`		`- cookie.value = undefined`
	`23`	`+ await $fetch('/api/auth/logout')`
`24`	`24`	`identity.value = undefined`
`25`	`25`	`if (redirectTo)`
`26`	`26`	`await navigateTo(redirectTo)`