feat: invalidate cookies when refresh token is invalid

FireBlinkLTD · Nov 17, 2023 · e7119d2 · e7119d2
1 parent f6718e9
commit e7119d2
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/src/handlers/LoginHandler.ts b/src/handlers/LoginHandler.ts
@@ -1,12 +1,10 @@
 import { IncomingMessage, ServerResponse } from "http";
 import { HttpMethod, ProxyRequest, RequestHandlerConfig } from "prxi";
 import { getConfig } from "../config/getConfig";
-import { invalidateAuthCookies, sendRedirect } from "../utils/ResponseUtils";
+import { sendRedirect } from "../utils/ResponseUtils";
 import { OpenIDUtils } from "../utils/OpenIDUtils";
 import { Logger } from "pino";
 import getLogger from "../Logger";
-import { JwtPayload, verify } from "jsonwebtoken";
-import { RequestUtils } from "../utils/RequestUtils";
 
 export class LoginHandler implements RequestHandlerConfig {
   private logger: Logger;

diff --git a/src/handlers/ProxyHandler.ts b/src/handlers/ProxyHandler.ts
@@ -170,6 +170,7 @@ export class ProxyHandler implements RequestHandlerConfig {
         accessToken = context.accessToken = null;
         idToken = context.idToken = null;
         refreshToken = context.refreshToken = null;
+        invalidateAuthCookies(res);
 
         accessTokenVerificationResult = JWTVerificationResult.MISSING;
       }
@@ -204,8 +205,9 @@ export class ProxyHandler implements RequestHandlerConfig {
         delete context.accessTokenJWT;
       }
     } else if (accessTokenVerificationResult !== JWTVerificationResult.SUCCESS) {
+      invalidateAuthCookies(res);
+
       if (context.page) {
-        invalidateAuthCookies(res);
         await sendRedirect(res, OpenIDUtils.getAuthorizationUrl());
       } else {
         sendErrorResponse(req, 401, 'Unauthorized', res);