fix: don't re-login after logout when OIDC auto-redirect is enabled
Set the just-logged-out flag before navigating, and skip the intermediate router.push to login when redirecting to the IdP — otherwise Login.vue's onBeforeMount consumed the flag before the logout round-trip landed, so the single-provider auto-redirect fired and logged the user straight back in. redirectToProviderOnLogout now reports whether it navigated, so logout can fall through to the login page when there's no static logout URL.
This commit is contained in:
parent
18ee92f227
commit
e25ca7ab9a
|
|
@ -24,8 +24,10 @@ export const redirectToProvider = (provider: IProvider) => {
|
|||
window.location.href = `${provider.authUrl}?client_id=${provider.clientId}&redirect_uri=${redirectUrl}&response_type=code&scope=${scope}&state=${state}`
|
||||
}
|
||||
|
||||
export const redirectToProviderOnLogout = (provider: IProvider) => {
|
||||
export const redirectToProviderOnLogout = (provider: IProvider): boolean => {
|
||||
if (provider.logoutUrl.length > 0) {
|
||||
window.location.href = `${provider.logoutUrl}`
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
|
|
|||
|
|
@ -562,21 +562,25 @@ export const useAuthStore = defineStore('auth', () => {
|
|||
const loggedInVia = getLoggedInVia()
|
||||
window.localStorage.clear() // Clear all settings and history we might have saved in local storage.
|
||||
lastUserInfoRefresh.value = null
|
||||
await router.push({name: 'user.login'})
|
||||
await checkAuth()
|
||||
|
||||
sessionStorage.setItem(JUST_LOGGED_OUT_KEY, 'true')
|
||||
|
||||
// Redirect to the OIDC provider to end its session too. Prefer the
|
||||
// server-built RP-Initiated Logout URL, falling back to the static one.
|
||||
// These full-page redirects return the user to the login page, so we
|
||||
// must not router.push there first — that would consume
|
||||
// JUST_LOGGED_OUT_KEY before the round-trip lands.
|
||||
if (oidcLogoutUrl) {
|
||||
window.location.href = oidcLogoutUrl
|
||||
return
|
||||
}
|
||||
const fullProvider: IProvider|undefined = configStore.auth.openidConnect.providers?.find((p: IProvider) => p.key === loggedInVia)
|
||||
if (fullProvider) {
|
||||
redirectToProviderOnLogout(fullProvider)
|
||||
if (fullProvider && redirectToProviderOnLogout(fullProvider)) {
|
||||
return
|
||||
}
|
||||
|
||||
await router.push({name: 'user.login'})
|
||||
await checkAuth()
|
||||
}
|
||||
|
||||
return {
|
||||
|
|
|
|||
Loading…
Reference in New Issue