feat: add option to disable 'Clear-Site-Data' header on logout (#1645)
This commit is contained in:
parent
ff7842b2f1
commit
3359dd204d
@ -89,6 +89,8 @@ Object {
|
|||||||
"unleashUrl": "http://localhost:4242",
|
"unleashUrl": "http://localhost:4242",
|
||||||
},
|
},
|
||||||
"session": Object {
|
"session": Object {
|
||||||
|
"clearSiteDataOnLogout": true,
|
||||||
|
"cookieName": "unleash-session",
|
||||||
"db": true,
|
"db": true,
|
||||||
"ttlHours": 48,
|
"ttlHours": 48,
|
||||||
},
|
},
|
||||||
|
@ -91,6 +91,11 @@ const defaultDbOptions: IDBOption = {
|
|||||||
|
|
||||||
const defaultSessionOption: ISessionOption = {
|
const defaultSessionOption: ISessionOption = {
|
||||||
ttlHours: parseEnvVarNumber(process.env.SESSION_TTL_HOURS, 48),
|
ttlHours: parseEnvVarNumber(process.env.SESSION_TTL_HOURS, 48),
|
||||||
|
clearSiteDataOnLogout: parseEnvVarBoolean(
|
||||||
|
process.env.SESSION_CLEAR_SITE_DATA_ON_LOGOUT,
|
||||||
|
true,
|
||||||
|
),
|
||||||
|
cookieName: 'unleash-session',
|
||||||
db: true,
|
db: true,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
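Review bot: `cookieName` is the only new session option that cannot be set from the environment: `clearSiteDataOnLogout` is read via `parseEnvVarBoolean(process.env.SESSION_CLEAR_SITE_DATA_ON_LOGOUT, true)`, while `cookieName` is the bare literal `'unleash-session'`, so the only way to change it is the programmatic config object. Exposing it the same way as the field above it (an env var parsed with a fallback to the same literal) would keep `defaultSessionOption` uniform. The `true` default keeps the previous logout behaviour and is the safe choice; a one-line comment would make that visible to whoever flips it: `// Defaults to true: with it off, logout only clears the session cookie and leaves the browser's other cookies and storage for this origin in place.`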
@ -10,7 +10,7 @@ function sessionDb(
|
|||||||
knex: Knex,
|
knex: Knex,
|
||||||
): RequestHandler {
|
): RequestHandler {
|
||||||
let store;
|
let store;
|
||||||
const { db } = config.session;
|
const { db, cookieName } = config.session;
|
||||||
const age =
|
const age =
|
||||||
hoursToMilliseconds(config.session.ttlHours) || hoursToMilliseconds(48);
|
hoursToMilliseconds(config.session.ttlHours) || hoursToMilliseconds(48);
|
||||||
const KnexSessionStore = knexSessionStore(session);
|
const KnexSessionStore = knexSessionStore(session);
|
||||||
@ -25,7 +25,7 @@ function sessionDb(
|
|||||||
store = new session.MemoryStore();
|
store = new session.MemoryStore();
|
||||||
}
|
}
|
||||||
return session({
|
return session({
|
||||||
name: 'unleash-session',
|
name: cookieName,
|
||||||
rolling: false,
|
rolling: false,
|
||||||
resave: false,
|
resave: false,
|
||||||
saveUninitialized: false,
|
saveUninitialized: false,
|
||||||
|
@ -5,13 +5,12 @@ import SimplePasswordProvider from './auth/simple-password-provider';
|
|||||||
import { IUnleashConfig } from '../types/option';
|
import { IUnleashConfig } from '../types/option';
|
||||||
import { IUnleashServices } from '../types/services';
|
import { IUnleashServices } from '../types/services';
|
||||||
import { api } from './api-def';
|
import { api } from './api-def';
|
||||||
|
import LogoutController from './logout';
|
||||||
|
|
||||||
const AdminApi = require('./admin-api');
|
const AdminApi = require('./admin-api');
|
||||||
const ClientApi = require('./client-api');
|
const ClientApi = require('./client-api');
|
||||||
const Controller = require('./controller');
|
const Controller = require('./controller');
|
||||||
const HealthCheckController = require('./health-check');
|
const HealthCheckController = require('./health-check');
|
||||||
const LogoutController = require('./logout');
|
|
||||||
|
|
||||||
class IndexRouter extends Controller {
|
class IndexRouter extends Controller {
|
||||||
constructor(config: IUnleashConfig, services: IUnleashServices) {
|
constructor(config: IUnleashConfig, services: IUnleashServices) {
|
||||||
super(config);
|
super(config);
|
||||||
|
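Review bot: Replacing `require('./logout')` with `import LogoutController from './logout'` goes together with dropping `module.exports = LogoutController` in the logout.ts hunk further down; after that, any other file that still does `require('./logout')` receives the module namespace object (`{ default: LogoutController }`) rather than the class, and a `new LogoutController(config)` there would throw at startup. Worth grepping for remaining require sites before merging. The other controllers in this block (`AdminApi`, `ClientApi`, `Controller`, `HealthCheckController`) still use `require(...)`, so the file now mixes the two module styles; converting them the same way would keep it consistent.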
@ -44,6 +44,59 @@ test('should set "Clear-Site-Data" header', async () => {
|
|||||||
.expect('Clear-Site-Data', '"cookies", "storage"');
|
.expect('Clear-Site-Data', '"cookies", "storage"');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
test('should not set "Clear-Site-Data" header', async () => {
|
||||||
|
const baseUriPath = '';
|
||||||
|
const app = express();
|
||||||
|
const config = createTestConfig({
|
||||||
|
server: { baseUriPath },
|
||||||
|
session: { clearSiteDataOnLogout: false },
|
||||||
|
});
|
||||||
|
app.use('/logout', new LogoutController(config).router);
|
||||||
|
const request = supertest(app);
|
||||||
|
expect.assertions(1);
|
||||||
|
await request
|
||||||
|
.get(`${baseUriPath}/logout`)
|
||||||
|
.expect(302)
|
||||||
|
.expect((res) =>
|
||||||
|
expect(res.headers['Clear-Site-Data']).toBeUndefined(),
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('should clear "unleash-session" cookies', async () => {
|
||||||
|
const baseUriPath = '';
|
||||||
|
const app = express();
|
||||||
|
const config = createTestConfig({ server: { baseUriPath } });
|
||||||
|
app.use('/logout', new LogoutController(config).router);
|
||||||
|
const request = supertest(app);
|
||||||
|
expect.assertions(0);
|
||||||
|
await request
|
||||||
|
.get(`${baseUriPath}/logout`)
|
||||||
|
.expect(302)
|
||||||
|
.expect(
|
||||||
|
'Set-Cookie',
|
||||||
|
'unleash-session=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT',
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('should clear "unleash-session" cookie even when disabled clear site data', async () => {
|
||||||
|
const baseUriPath = '';
|
||||||
|
const app = express();
|
||||||
|
const config = createTestConfig({
|
||||||
|
server: { baseUriPath },
|
||||||
|
session: { clearSiteDataOnLogout: false },
|
||||||
|
});
|
||||||
|
app.use('/logout', new LogoutController(config).router);
|
||||||
|
const request = supertest(app);
|
||||||
|
expect.assertions(0);
|
||||||
|
await request
|
||||||
|
.get(`${baseUriPath}/logout`)
|
||||||
|
.expect(302)
|
||||||
|
.expect(
|
||||||
|
'Set-Cookie',
|
||||||
|
'unleash-session=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT',
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
test('should call destroy on session', async () => {
|
test('should call destroy on session', async () => {
|
||||||
const baseUriPath = '';
|
const baseUriPath = '';
|
||||||
const fakeSession = {
|
const fakeSession = {
|
||||||
|
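Review bot: The assertion in `should not set "Clear-Site-Data" header` can never fail: Node lowercases incoming header names, so `res.headers['Clear-Site-Data']` is `undefined` whether or not the header was sent, and the test would also pass against the unchanged controller. Use the lowercase key: `expect(res.headers['clear-site-data']).toBeUndefined()`. The two cookie-clearing tests differ only in the `session` option and `expect.assertions(0)` adds nothing in either, so they could be folded into one `test.each` over the two `clearSiteDataOnLogout` values, though that is style only.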
@ -4,11 +4,17 @@ import Controller from './controller';
|
|||||||
import { IAuthRequest } from './unleash-types';
|
import { IAuthRequest } from './unleash-types';
|
||||||
|
|
||||||
class LogoutController extends Controller {
|
class LogoutController extends Controller {
|
||||||
|
private clearSiteDataOnLogout: boolean;
|
||||||
|
|
||||||
|
private cookieName: string;
|
||||||
|
|
||||||
private baseUri: string;
|
private baseUri: string;
|
||||||
|
|
||||||
constructor(config: IUnleashConfig) {
|
constructor(config: IUnleashConfig) {
|
||||||
super(config);
|
super(config);
|
||||||
this.baseUri = config.server.baseUriPath;
|
this.baseUri = config.server.baseUriPath;
|
||||||
|
this.clearSiteDataOnLogout = config.session.clearSiteDataOnLogout;
|
||||||
|
this.cookieName = config.session.cookieName;
|
||||||
this.get('/', this.logout);
|
this.get('/', this.logout);
|
||||||
}
|
}
|
||||||
|
|
||||||
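Review bot: The new fields `clearSiteDataOnLogout` and `cookieName` are assigned once in the constructor and never reassigned in the visible code, so they (like `baseUri`) can be declared `private readonly clearSiteDataOnLogout: boolean;` and `private readonly cookieName: string;`, which documents the intent and lets the compiler enforce it. A short comment on the first field would also help the reader, e.g. `// When false, logout clears only the session cookie (see logout()).`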
@ -27,10 +33,14 @@ class LogoutController extends Controller {
|
|||||||
req.logout();
|
req.logout();
|
||||||
}
|
}
|
||||||
|
|
||||||
res.set('Clear-Site-Data', '"cookies", "storage"');
|
res.clearCookie(this.cookieName);
|
||||||
|
|
||||||
|
if (this.clearSiteDataOnLogout) {
|
||||||
|
res.set('Clear-Site-Data', '"cookies", "storage"');
|
||||||
|
}
|
||||||
|
|
||||||
res.redirect(`${this.baseUri}/`);
|
res.redirect(`${this.baseUri}/`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = LogoutController;
|
|
||||||
export default LogoutController;
|
export default LogoutController;
|
||||||
|
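Review bot: `res.clearCookie(this.cookieName)` is called with Express's default attributes (path `/`), which only removes the cookie if the session cookie was issued with the same path and domain; the session options visible in the sessionDb hunk above do not show the cookie attributes, so if a non-default `cookie.path` or `domain` is configured there, the same values need to be passed as the second argument here or the browser keeps the cookie. When `clearSiteDataOnLogout` is false the response no longer tells the browser to drop other cookies or storage for the origin, so the conditional deserves a comment making the trade-off explicit, e.g. `// Opt-out only removes the session cookie; other client-side state for this origin survives logout.` The logout method's signature and the start of its body are outside this hunk.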
@ -37,6 +37,8 @@ export interface IDBOption {
|
|||||||
export interface ISessionOption {
|
export interface ISessionOption {
|
||||||
ttlHours: number;
|
ttlHours: number;
|
||||||
db: boolean;
|
db: boolean;
|
||||||
|
clearSiteDataOnLogout: boolean;
|
||||||
|
cookieName: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface IVersionOption {
|
export interface IVersionOption {
|
||||||
|
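Review bot: The two new `ISessionOption` fields are part of the public configuration surface but carry no TSDoc. Add `/** Send the Clear-Site-Data header on logout; defaults to true. */` above `clearSiteDataOnLogout` and `/** Name of the session cookie; also the cookie cleared on logout. */` above `cookieName`, so the defaults and the coupling to the logout controller are visible where the option is declared.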