Redis logout WIP
This commit is contained in:
parent
dd0265f3f5
commit
21cc160f8f
3 changed files with 16 additions and 0 deletions
|
|
@ -10,6 +10,7 @@ import {
|
||||||
import Google from "next-auth/providers/google";
|
import Google from "next-auth/providers/google";
|
||||||
import Credentials from "next-auth/providers/credentials";
|
import Credentials from "next-auth/providers/credentials";
|
||||||
import Apple from "next-auth/providers/apple";
|
import Apple from "next-auth/providers/apple";
|
||||||
|
import { Redis } from "ioredis";
|
||||||
|
|
||||||
const headers = { Authorization: `Token ${process.env.ZAMMAD_API_TOKEN}` };
|
const headers = { Authorization: `Token ${process.env.ZAMMAD_API_TOKEN}` };
|
||||||
|
|
||||||
|
|
@ -122,6 +123,11 @@ export const authOptions: NextAuthOptions = {
|
||||||
return roles.includes("admin") || roles.includes("agent");
|
return roles.includes("admin") || roles.includes("agent");
|
||||||
},
|
},
|
||||||
session: async ({ session, token }) => {
|
session: async ({ session, token }) => {
|
||||||
|
const redis = new Redis(process.env.REDIS_URL);
|
||||||
|
const isInvalidated = await redis.get(`invalidated:${token.sub}`);
|
||||||
|
if (isInvalidated) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
// @ts-ignore
|
// @ts-ignore
|
||||||
session.user.roles = token.roles ?? [];
|
session.user.roles = token.roles ?? [];
|
||||||
// @ts-ignore
|
// @ts-ignore
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,12 @@
|
||||||
import { NextRequest, NextResponse } from "next/server";
|
import { NextRequest, NextResponse } from "next/server";
|
||||||
|
import { Redis } from "ioredis";
|
||||||
|
import { getToken } from "next-auth/jwt";
|
||||||
|
|
||||||
export async function POST(request: NextRequest) {
|
export async function POST(request: NextRequest) {
|
||||||
|
const token = await getToken({
|
||||||
|
req: request,
|
||||||
|
secret: process.env.NEXTAUTH_SECRET,
|
||||||
|
});
|
||||||
const allCookies = request.cookies.getAll();
|
const allCookies = request.cookies.getAll();
|
||||||
const zammadURL = process.env.ZAMMAD_URL ?? "http://zammad-nginx:8080";
|
const zammadURL = process.env.ZAMMAD_URL ?? "http://zammad-nginx:8080";
|
||||||
const signOutURL = `${zammadURL}/api/v1/signout`;
|
const signOutURL = `${zammadURL}/api/v1/signout`;
|
||||||
|
|
@ -25,5 +31,8 @@ export async function POST(request: NextRequest) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const redis = new Redis(process.env.REDIS_URL);
|
||||||
|
await redis.setex(`invalidated:${token.sub}`, 24 * 60 * 60, "1");
|
||||||
|
|
||||||
return response;
|
return response;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,7 @@ services:
|
||||||
LEAFCUTTER_URL: https://lc.digiresilience.org
|
LEAFCUTTER_URL: https://lc.digiresilience.org
|
||||||
BRIDGE_URL: http://bridge-frontend:3000
|
BRIDGE_URL: http://bridge-frontend:3000
|
||||||
ZAMMAD_URL: http://zammad-nginx:8080
|
ZAMMAD_URL: http://zammad-nginx:8080
|
||||||
|
REDIS_URL: "redis://zammad-redis:6379"
|
||||||
NEXTAUTH_URL: ${LINK_URL}
|
NEXTAUTH_URL: ${LINK_URL}
|
||||||
NEXTAUTH_SECRET: ${NEXTAUTH_SECRET}
|
NEXTAUTH_SECRET: ${NEXTAUTH_SECRET}
|
||||||
NEXTAUTH_AUDIENCE: ${NEXTAUTH_AUDIENCE}
|
NEXTAUTH_AUDIENCE: ${NEXTAUTH_AUDIENCE}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue