Implement proper logout

25c4d437 · Sandro Lutz · Hermann · 988ecae3 · 25c4d437 · 25c4d437
Commit 25c4d437 authored 6 years ago by Sandro Lutz Committed by Hermann 6 years ago
--- a/src/auth.js
+++ b/src/auth.js
@@ -11,9 +11,14 @@ const APISession = {
  token: '',
  // user admins are a very special case as the permissions on the resource can only
  // be seen by requesting users and check whether you see their membership
-  isUserAdmin: false
+  isUserAdmin: false,
 };

+const amivapi = axios.create({
+  baseURL: apiUrl,
+  headers: { 'Content-Type': 'application/json' },
+});
+
 // OAuth Handler
 const oauth = new ClientOAuth2({
  clientId: oAuthID,
@@ -21,18 +26,13 @@ const oauth = new ClientOAuth2({
  redirectUri: `${ownUrl}/oauthcallback`,
 });

-export function resetSession() {
+function resetSession() {
  APISession.authenticated = false;
  APISession.token = '';
  localStorage.remove('token');
  window.location.replace(oauth.token.getUri());
 }

-const amivapi = axios.create({
-  baseURL: apiUrl,
-  headers: { 'Content-Type': 'application/json' },
-});
-
 function checkToken(token) {
  // check if a token is still valid
  return new Promise((resolve, reject) => {
@@ -88,6 +88,26 @@ export function getSession() {
  });
 }

+export function deleteSession() {
+  return new Promise((resolve, reject) => {
+    getSession().then((api) => {
+      api.get(`sessions/${APISession.token}`).then((response) => {
+        if (response.status === 200) {
+          api.delete(
+            `sessions/${response.data._id}`,
+            { headers: { 'If-Match': response.data._etag } },
+          ).then((deleteResponse) => {
+            if (deleteResponse.status === 204) {
+              resetSession();
+              resolve(deleteResponse.data);
+            } else reject();
+          }).catch(reject);
+        } else reject();
+      }).catch(reject);
+    });
+  });
+}
+
 export class ResourceHandler {
  /* Handler to get and manipulate resource items
   *

--- a/src/index.js
+++ b/src/index.js
@@ -42,5 +42,3 @@ m.route(root, '/events', {
  '/newjoboffer': layoutWith(JobItem),
  '/joboffers/:id': layoutWith(JobItem),
 });
-
-m.route.prefix('');
--- a/src/layout.js
+++ b/src/layout.js
@@ -9,11 +9,12 @@ import {
  ToolbarTitle,
  Dialog,
  SVG,
+  Button,
  IconButton,
 } from 'polythene-mithril';
 import { styler } from 'polythene-core-css';
 import { icons } from './views/elements';
-import { resetSession } from './auth';
+import { deleteSession } from './auth';
 import { colors } from './style';

 const layoutStyle = [
@@ -109,7 +110,11 @@ export class Layout {
            style: { color: '#ffffff' },
          })),
          m(ToolbarTitle, { text: 'AMIV Admintools' }),
-          m('a', { onclick: resetSession }, 'Logout'),
+          m(Button, {
+            className: 'red-row-button',
+            label: 'logout',
+            events: { onclick: deleteSession },
+          }),
        ]),
        m(
          'div.mdc-typography.wrapper-sidebar',