fix: logout redirect loop

Changed GET /auth/logout to redirect to rpFrontendUrl instead of /login
to prevent a re-authentication loop. After the user logged out, redirecting
to /login would immediately start a new OIDC flow against the still-valid
SwissOID session, causing an automatic login.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
master
Guillermo Pages 2 months ago
parent b55f3d0e22
commit 49865e66d6

@ -674,10 +674,10 @@ export function createOidcStandardRoutes(config: OidcStandardConfig): Router {
res.clearCookie(sessionCookieName, getCookieOptions());
// For GET requests, redirect to login page
// For GET requests, redirect to frontend landing page to avoid re-login loop
// For POST requests, return JSON
if (req.method === 'GET') {
return res.redirect('/login');
return res.redirect(rpFrontendUrl);
} else {
return res.json({ success: true });
}
@ -685,7 +685,7 @@ export function createOidcStandardRoutes(config: OidcStandardConfig): Router {
} catch (error) {
logger.error('Error during logout', error);
if (req.method === 'GET') {
return res.redirect('/login');
return res.redirect(rpFrontendUrl);
} else {
return res.status(500).json({ error: 'Logout failed' });
}
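Review bot: The GET branch still ends only the relying party's own session: it clears `sessionCookieName` and redirects to `rpFrontendUrl`, while the commit description says the SwissOID session stays valid, so the next visit to `/login` signs the same user back in without a prompt, which matters on shared machines. If the provider advertises an `end_session_endpoint`, redirect there with `post_logout_redirect_uri` set to `rpFrontendUrl`; otherwise record the limit at the redirect with `// Clears the local session only; the IdP session stays valid and /login re-authenticates silently`. In the catch branch of the second hunk a failed logout now lands on the same page as a successful one, and whether the cookie was already cleared at that point is not visible here, so calling `res.clearCookie(sessionCookieName, getCookieOptions());` before that redirect would make the failure path safe. The handler starts and ends outside both hunks.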
