fixed user logout bug

2024-10-19 22:29:49 +02:00 · 2024-10-19 22:29:49 +02:00 · 81ab0ccfd7
commit 81ab0ccfd7
parent b5fc279340
8 changed files with 97 additions and 31 deletions
--- a/composer.json
+++ b/composer.json
@ -114,6 +114,7 @@
        "drupal/jsonapi_extras": "^3.21",
        "drupal/login_history": "^2.0",
        "drupal/login_tracker": "^2.0",
+        "drupal/logout_token": "^1.0",
        "drupal/mailjet": "^4.0",
        "drupal/maillog": "^1.1",
        "drupal/masquerade": "^2.0",
--- a/composer.lock
+++ b/composer.lock
@ -4,7 +4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "a29125e1001e64fb0fe09951db6e8c9f",
+    "content-hash": "b289f714c59ac7e099677e46f2bded84",
    "packages": [
        {
            "name": "algolia/places",
@ -9065,6 +9065,50 @@
                "source": "https://git.drupalcode.org/project/login_tracker"
            }
        },
+        {
+            "name": "drupal/logout_token",
+            "version": "1.0.3",
+            "source": {
+                "type": "git",
+                "url": "https://git.drupalcode.org/project/logout_token.git",
+                "reference": "1.0.3"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://ftp.drupal.org/files/projects/logout_token-1.0.3.zip",
+                "reference": "1.0.3",
+                "shasum": "d11d7c65336ce8558e98a0dfad59bc7e811f2003"
+            },
+            "require": {
+                "drupal/core": "^8 || ^9 || ^10"
+            },
+            "type": "drupal-module",
+            "extra": {
+                "drupal": {
+                    "version": "1.0.3",
+                    "datestamp": "1690811062",
+                    "security-coverage": {
+                        "status": "not-covered",
+                        "message": "Project has not opted into security advisory coverage!"
+                    }
+                }
+            },
+            "notification-url": "https://packages.drupal.org/8/downloads",
+            "license": [
+                "GPL-2.0-or-later"
+            ],
+            "authors": [
+                {
+                    "name": "sraseef",
+                    "homepage": "https://www.drupal.org/user/2825415"
+                }
+            ],
+            "description": "Provides an endpoint to retrieve the logout token during user sessions.",
+            "homepage": "https://www.drupal.org/project/logout_token",
+            "support": {
+                "source": "https://git.drupalcode.org/project/logout_token"
+            }
+        },
        {
            "name": "drupal/mailjet",
            "version": "4.0.0",
--- a/config/sync/core.extension.yml
+++ b/config/sync/core.extension.yml
@ -124,6 +124,7 @@ module:
  locale: 0
  login_history: 0
  login_tracker: 0
+  logout_token: 0
  mailjet: 0
  mailjet_commerce: 0
  mailjet_event: 0
--- a/config/sync/language/fr/pwa.config.yml
+++ b/config/sync/language/fr/pwa.config.yml
@ -2,3 +2,4 @@ description: "L'inspiration par la matière"
 lang: fr
 start_url: /
 scope: /
+dir: auto
--- a/web/themes/custom/materiotheme/assets/dist/main.js
+++ b/web/themes/custom/materiotheme/assets/dist/main.js
--- a/web/themes/custom/materiotheme/assets/dist/main.js.gz
+++ b/web/themes/custom/materiotheme/assets/dist/main.js.gz
--- a/web/themes/custom/materiotheme/vuejs/components/User/UserTools.vue
+++ b/web/themes/custom/materiotheme/vuejs/components/User/UserTools.vue
@ -13,7 +13,7 @@
      class="mdi mdi-settings"
      title="admin"
    ></a>
-    <a href="/user/logout"
+    <a href="#"
      @click.prevent="onLogout()"
      class="mdi mdi-logout"
      title="logout"
--- a/web/themes/custom/materiotheme/vuejs/store/modules/user.js
+++ b/web/themes/custom/materiotheme/vuejs/store/modules/user.js
@ -41,6 +41,9 @@ export default {
      console.log('SetCsrftoken', token)
      state.csrf_token = token
    },
+    SetLogouttoken (state, token) {
+      state.logout_token = token
+    },
    setToken (state, data) {
      console.log('setToken', data)
      state.uid = data.current_user.uid
@ -183,10 +186,10 @@ export default {
    },
    userLogin ({ dispatch, commit, state }, credentials) {
      return new Promise((resolve, reject) => {
-        dispatch('getToken', credentials)
+        dispatch('postUserLogin', credentials)
          // TODO: catch failed login
          .then((response) => {
-            console.log('userLogin dispatch getToken response', response)
+            console.log('userLogin dispatch postUserLogin response', response)

            if (response.status === 200) {
              commit('setToken', response.data)
@ -194,7 +197,7 @@ export default {
                console.log('User Loggedin', state.isAdmin, state.isAdherent)
                // have to reload systematicly because of autologout library not loaded if not logged in the begining
                if (state.isAdmin) {
-                  window.location.reload()
+                  // window.location.reload()
                }
                if (state.isAdherent) {
                  // router.push({
@ -202,7 +205,7 @@ export default {
                  // })
                  // // TODO: openCloseHamMenu(false)
                  // dispatch('Common/openCloseHamMenu', false)
-                  window.location = '/base'
+                  // window.location = '/base'
                }
                // else {
                //   // * window.location.reload()
@ -211,18 +214,18 @@ export default {
              })
            } else {
              commit('setLoginMessage', response.data.message)
-              console.warn('Issue with getToken', response)
+              console.warn('Issue with postUserLogin', response)
              console.log('user loggein failed')
              Promise.reject(new Error('user loggein failed'))
            }
          })
          .catch(error => {
-            console.warn('Issue with Dispatch getToken', error)
+            console.warn('Issue with Dispatch postUserLogin', error)
            Promise.reject(error)
          })
      })
    },
-    getToken ({ dispatch, commit, state }, credentials) {
+    postUserLogin ({ dispatch, commit, state }, credentials) {
      return REST.post('/user/login?_format=json',
        credentials,
        {
@ -237,24 +240,34 @@ export default {
          console.log('csrftoken', data)
          commit('SetCsrftoken', data)
          console.log('state.csrf_token', state.csrf_token)
-          const params = {
-            token: state.csrf_token
-          }
-          REST.get(`/user/${state.uid}?_format=json`, params)
+          // INFO this endpoiunt needs https://www.drupal.org/project/logout_token
+          REST.get('/session/logout/token')
            .then(({ data }) => {
-              console.log('user REST getUser data', data)
-              console.log('roles', data.roles)
-              // with session_limit, only here we are certain that the user is logged
-              commit('setUser', data)
-              if (data.roles) {
-                commit('setRoles', data.roles)
+              console.log('logout_token', data)
+              commit('SetLogouttoken', data)
+              const params = {
+                token: state.csrf_token
              }
-              // console.log('customer_profiles', data.customer_profiles.length)
-              // if (data.customer_profiles.length) {
-              //   dispatch('getUserProfiles', data.customer_profiles[data.customer_profiles.length - 1].target_id)
-              // }
-              dispatch('getUserFlagColls')
-              resolve()
+              REST.get(`/user/${state.uid}?_format=json`, params)
+                .then(({ data }) => {
+                  console.log('user REST getUser data', data)
+                  console.log('roles', data.roles)
+                  // with session_limit, only here we are certain that the user is logged
+                  commit('setUser', data)
+                  if (data.roles) {
+                    commit('setRoles', data.roles)
+                  }
+                  // console.log('customer_profiles', data.customer_profiles.length)
+                  // if (data.customer_profiles.length) {
+                  //   dispatch('getUserProfiles', data.customer_profiles[data.customer_profiles.length - 1].target_id)
+                  // }
+                  dispatch('getUserFlagColls')
+                  resolve()
+                })
+                .catch(error => {
+                  console.warn('Issue with getUser', error)
+                  Promise.reject(error)
+                })
            })
            .catch(error => {
              console.warn('Issue with getUser', error)
@ -424,14 +437,20 @@ export default {
      commit('closeFlagColl')
    },
    userLogout ({ commit, state }) {
-      const credentials = qs.stringify({
-        token: state.csrf_token
+      const params = qs.stringify({
+        // format: 'json'
+        // token: state.logout_token
      })
-      REST.post('/user/logout', credentials)
+      const config = {
+        headers: {
+          'X-CSRF-Token': state.csrf_token
+        }
+      }
+      REST.post('/user/logout?format=json&token=' + state.logout_token, params, config)
        .then(resp => {
          console.log('userLogout resp', resp)
-          commit('setLoggedOut')
-          // window.location.reload(true) ???
+          // commit('setLoggedOut')
+          // window.location.reload(true)
        })
        .catch(error => {
          console.warn('Issue with logout', error)