fix(logout): fix frontend logout() and cleanLocalStorage()

- Remove 'expires_at' and 'id_token' in cleanLocalStorage() used in logout() - Call logout backend route in logout() before redirect to cas logout.
PnX-SI · May 22, 2024 · be24297 · be24297
1 parent ea97856
commit be24297
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 8 deletions.
diff --git a/backend/dependencies/UsersHub-authentification-module b/backend/dependencies/UsersHub-authentification-module
diff --git a/frontend/src/app/components/auth/auth.service.ts b/frontend/src/app/components/auth/auth.service.ts
@@ -134,24 +134,23 @@ export class AuthService {
   logout() {
     this.cleanLocalStorage();
     this.cruvedService.clearCruved();
+    // call the logout route to delete the session
+    this._http.get<any>(`${this.config.API_ENDPOINT}/auth/logout`).subscribe(() => {
+      location.reload();
+    });
 
     if (this.config.CAS_PUBLIC.CAS_AUTHENTIFICATION) {
       document.location.href = `${this.config.CAS_PUBLIC.CAS_URL_LOGOUT}?service=${this.config.URL_APPLICATION}`;
     } else {
       this.router.navigate(['/login']);
-      // call the logout route to delete the session
-      // TODO: in case of different cruved user in DEPOBIO context must run this routes
-      // but actually make bug the INPN CAS deconnexion
-      this._http.get<any>(`${this.config.API_ENDPOINT}/auth/logout`).subscribe(() => {
-        location.reload();
-      });
-      // refresh the page to refresh all the shared service to avoid cruved conflict
     }
   }
 
   private cleanLocalStorage() {
     // Remove only local storage items need to clear when user logout
     localStorage.removeItem(this.prefix + 'current_user');
+    localStorage.removeItem(this.prefix + 'id_token');
+    localStorage.removeItem(this.prefix + 'expires_at');
     localStorage.removeItem('modules');
   }