gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix: remove cookies when signout, logout (remote) and delete (remote)

Browse Source
This commit is contained in:
Mrugesh Mohapatra
2018-05-26 18:28:20 +05:30
parent 9cf1d67e02
commit eebe4036ec
3 changed files with 25 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
common/models/user.js
View File

@ -407,10 +407,15 @@ module.exports = function(User) {
);
};
User.afterRemote('logout', function(ctx, result, next) {
var res = ctx.res;
res.clearCookie('access_token');
res.clearCookie('userId');
User.afterRemote('logout', function({req, res}, result, next) {
const config = {
signed: !!req.signedCookies,
domain: process.env.COOKIE_DOMAIN || 'localhost'
};
res.clearCookie('jwt_access_token', config);
res.clearCookie('access_token', config);
res.clearCookie('userId', config);
res.clearCookie('_csrf', config);
next();
});

12
server/boot/authentication.js
View File

@ -59,10 +59,14 @@ module.exports = function enableAuthentication(app) {
}
);
}
res.clearCookie('jwt_access_token');
res.clearCookie('access_token');
res.clearCookie('userId');
res.clearCookie('_csrf');
const config = {
signed: !!req.signedCookies,
domain: process.env.COOKIE_DOMAIN || 'localhost'
};
res.clearCookie('jwt_access_token', config);
res.clearCookie('access_token', config);
res.clearCookie('userId', config);
res.clearCookie('_csrf', config);
res.redirect('/');
});
});

12
server/boot/user.js
View File

@ -119,10 +119,14 @@ module.exports = function(app) {
if (err) { return next(err); }
req.logout();
req.flash('success', 'You have successfully deleted your account.');
res.clearCookie('jwt_access_token');
res.clearCookie('access_token');
res.clearCookie('userId');
res.clearCookie('_csrf');
const config = {
signed: !!req.signedCookies,
domain: process.env.COOKIE_DOMAIN || 'localhost'
};
res.clearCookie('jwt_access_token', config);
res.clearCookie('access_token', config);
res.clearCookie('userId', config);
res.clearCookie('_csrf', config);
return res.status(200).end();
});
}