yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: Correctly clear accessToken when logging out.

Browse Source 
Token is correctly rotated on the server, it just isnt correctly removed on the client.
closes #5940
This commit is contained in:
Tom Moor
2023-10-05 22:10:07 -04:00
parent 0ae4c7d6bd
commit 773c35ebc3
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/routes/api/auth/auth.ts
View File

@@ -2,7 +2,7 @@ import { subHours, subMinutes } from "date-fns";
import Router from "koa-router";
import uniqBy from "lodash/uniqBy";
import { TeamPreference } from "@shared/types";
import { getCookieDomain, parseDomain } from "@shared/utils/domains";
import { parseDomain } from "@shared/utils/domains";
import env from "@server/env";
import auth from "@server/middlewares/authentication";
import { transaction } from "@server/middlewares/transaction";
@@ -180,8 +180,8 @@ router.post(
);
ctx.cookies.set("accessToken", "", {
sameSite: "lax",
expires: subMinutes(new Date(), 1),
domain: getCookieDomain(ctx.hostname, env.isCloudHosted),
});
ctx.body = {