sr2/link-stack
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Redis logout WIP

Browse source
This commit is contained in:
Darren Clarke 2025-02-05 14:09:59 +01:00
parent dd0265f3f5
commit 21cc160f8f
3 changed files with 16 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
apps/link/app/_lib/authentication.ts
View file

@ -10,6 +10,7 @@ import {
import Google from "next-auth/providers/google"; import Google from "next-auth/providers/google";
import Credentials from "next-auth/providers/credentials"; import Credentials from "next-auth/providers/credentials";
import Apple from "next-auth/providers/apple"; import Apple from "next-auth/providers/apple";
import { Redis } from "ioredis";
const headers = { Authorization: `Token ${process.env.ZAMMAD_API_TOKEN}` }; const headers = { Authorization: `Token ${process.env.ZAMMAD_API_TOKEN}` };
@ -122,6 +123,11 @@ export const authOptions: NextAuthOptions = {
return roles.includes("admin") || roles.includes("agent"); return roles.includes("admin") || roles.includes("agent");
}, },
session: async ({ session, token }) => { session: async ({ session, token }) => {
const redis = new Redis(process.env.REDIS_URL);
const isInvalidated = await redis.get(`invalidated:${token.sub}`);
if (isInvalidated) {
return null;
}
// @ts-ignore // @ts-ignore
session.user.roles = token.roles ?? []; session.user.roles = token.roles ?? [];
// @ts-ignore // @ts-ignore

9
apps/link/app/api/logout/route.ts
View file

@ -1,6 +1,12 @@
import { NextRequest, NextResponse } from "next/server"; import { NextRequest, NextResponse } from "next/server";
import { Redis } from "ioredis";
import { getToken } from "next-auth/jwt";
export async function POST(request: NextRequest) { export async function POST(request: NextRequest) {
const token = await getToken({
req: request,
secret: process.env.NEXTAUTH_SECRET,
});
const allCookies = request.cookies.getAll(); const allCookies = request.cookies.getAll();
const zammadURL = process.env.ZAMMAD_URL ?? "http://zammad-nginx:8080"; const zammadURL = process.env.ZAMMAD_URL ?? "http://zammad-nginx:8080";
const signOutURL = `${zammadURL}/api/v1/signout`; const signOutURL = `${zammadURL}/api/v1/signout`;
@ -25,5 +31,8 @@ export async function POST(request: NextRequest) {
} }
} }
const redis = new Redis(process.env.REDIS_URL);
await redis.setex(`invalidated:${token.sub}`, 24 * 60 * 60, "1");
return response; return response;
} }

1
docker/compose/link.yml
View file

@ -17,6 +17,7 @@ services:
LEAFCUTTER_URL: https://lc.digiresilience.org LEAFCUTTER_URL: https://lc.digiresilience.org
BRIDGE_URL: http://bridge-frontend:3000 BRIDGE_URL: http://bridge-frontend:3000
ZAMMAD_URL: http://zammad-nginx:8080 ZAMMAD_URL: http://zammad-nginx:8080
REDIS_URL: "redis://zammad-redis:6379"
NEXTAUTH_URL: ${LINK_URL} NEXTAUTH_URL: ${LINK_URL}
NEXTAUTH_SECRET: ${NEXTAUTH_SECRET} NEXTAUTH_SECRET: ${NEXTAUTH_SECRET}
NEXTAUTH_AUDIENCE: ${NEXTAUTH_AUDIENCE} NEXTAUTH_AUDIENCE: ${NEXTAUTH_AUDIENCE}