
fixed user logout bug

bach 1 month ago
parent
commit
81ab0ccfd7

+ 1 - 0
composer.json

@@ -114,6 +114,7 @@
         "drupal/jsonapi_extras": "^3.21",
         "drupal/login_history": "^2.0",
         "drupal/login_tracker": "^2.0",
+        "drupal/logout_token": "^1.0",
         "drupal/mailjet": "^4.0",
         "drupal/maillog": "^1.1",
         "drupal/masquerade": "^2.0",

+ 45 - 1
composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "a29125e1001e64fb0fe09951db6e8c9f",
+    "content-hash": "b289f714c59ac7e099677e46f2bded84",
     "packages": [
         {
             "name": "algolia/places",
@@ -9065,6 +9065,50 @@
                 "source": "https://git.drupalcode.org/project/login_tracker"
             }
         },
+        {
+            "name": "drupal/logout_token",
+            "version": "1.0.3",
+            "source": {
+                "type": "git",
+                "url": "https://git.drupalcode.org/project/logout_token.git",
+                "reference": "1.0.3"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://ftp.drupal.org/files/projects/logout_token-1.0.3.zip",
+                "reference": "1.0.3",
+                "shasum": "d11d7c65336ce8558e98a0dfad59bc7e811f2003"
+            },
+            "require": {
+                "drupal/core": "^8 || ^9 || ^10"
+            },
+            "type": "drupal-module",
+            "extra": {
+                "drupal": {
+                    "version": "1.0.3",
+                    "datestamp": "1690811062",
+                    "security-coverage": {
+                        "status": "not-covered",
+                        "message": "Project has not opted into security advisory coverage!"
+                    }
+                }
+            },
+            "notification-url": "https://packages.drupal.org/8/downloads",
+            "license": [
+                "GPL-2.0-or-later"
+            ],
+            "authors": [
+                {
+                    "name": "sraseef",
+                    "homepage": "https://www.drupal.org/user/2825415"
+                }
+            ],
+            "description": "Provides an endpoint to retrieve the logout token during user sessions.",
+            "homepage": "https://www.drupal.org/project/logout_token",
+            "support": {
+                "source": "https://git.drupalcode.org/project/logout_token"
+            }
+        },
         {
             "name": "drupal/mailjet",
             "version": "4.0.0",

+ 1 - 0
config/sync/core.extension.yml

@@ -124,6 +124,7 @@ module:
   locale: 0
   login_history: 0
   login_tracker: 0
+  logout_token: 0
   mailjet: 0
   mailjet_commerce: 0
   mailjet_event: 0
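Review bot: Enabling `logout_token` here switches on a contrib module that Drupal's security advisory policy does not cover: the composer.lock entry added in this same commit records `"status": "not-covered"`. The module's own description says it provides an endpoint that returns the logout token for the current session, so it sits on the authentication path, and vulnerabilities in it will not be announced through the usual advisory channel. I would review the module source at the locked 1.0.3 release before deploying and record in the commit message or project docs why the dependency is needed, since neither composer.json nor an exported config file can carry that comment. Drupal core's JSON login response normally already includes a `logout_token` next to `csrf_token`, so it is worth confirming the extra endpoint is only needed for sessions restored after a page load.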

+ 1 - 0
config/sync/language/fr/pwa.config.yml

@@ -2,3 +2,4 @@ description: "L'inspiration par la matière"
 lang: fr
 start_url: /
 scope: /
+dir: auto

File diff suppressed because it is too large
+ 0 - 0
web/themes/custom/materiotheme/assets/dist/main.js


BIN
web/themes/custom/materiotheme/assets/dist/main.js.gz


+ 1 - 1
web/themes/custom/materiotheme/vuejs/components/User/UserTools.vue

@@ -13,7 +13,7 @@
       class="mdi mdi-settings"
       title="admin"
     ></a>
-    <a href="/user/logout"
+    <a href="#"
       @click.prevent="onLogout()"
       class="mdi mdi-logout"
       title="logout"

+ 47 - 28
web/themes/custom/materiotheme/vuejs/store/modules/user.js

@@ -41,6 +41,9 @@ export default {
       console.log('SetCsrftoken', token)
       state.csrf_token = token
     },
+    SetLogouttoken (state, token) {
+      state.logout_token = token
+    },
     setToken (state, data) {
       console.log('setToken', data)
       state.uid = data.current_user.uid
@@ -183,10 +186,10 @@ export default {
     },
     userLogin ({ dispatch, commit, state }, credentials) {
       return new Promise((resolve, reject) => {
-        dispatch('getToken', credentials)
+        dispatch('postUserLogin', credentials)
           // TODO: catch failed login
           .then((response) => {
-            console.log('userLogin dispatch getToken response', response)
+            console.log('userLogin dispatch postUserLogin response', response)
 
             if (response.status === 200) {
               commit('setToken', response.data)
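Review bot: The renamed `console.log('userLogin dispatch postUserLogin response', response)` still writes the whole login response to the browser console, and a later hunk in `postUserLogin` adds `console.log('logout_token', data)` beside the existing CSRF-token logs. These tokens authorise state-changing requests and the logout call for the session, so they should not be printed in production builds, where browser extensions, shared machines or error-collection scripts can read console output. I would remove the token logs or restrict them to development builds, and log only `response.status` here. The body of `userLogin` continues outside this hunk.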
@@ -194,7 +197,7 @@ export default {
                 console.log('User Loggedin', state.isAdmin, state.isAdherent)
                 // have to reload systematicly because of autologout library not loaded if not logged in the begining
                 if (state.isAdmin) {
-                  window.location.reload()
+                  // window.location.reload()
                 }
                 if (state.isAdherent) {
                   // router.push({
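Review bot: Commenting out `window.location.reload()` here, and `window.location = '/base'` in the next hunk, contradicts the comment directly above it, which says the reload is required because the autologout library is not loaded unless the user was already logged in when the page loaded. If that is still true, a user who signs in through this form has no client-side idle logout until the next full page load, which weakens session timeout handling on shared machines. Either initialise autologout after a successful login or keep the reload, and update the comment to say which was chosen. The now-empty `if (state.isAdmin) { }` and the commented-out statements should be deleted rather than left in place.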
@@ -202,7 +205,7 @@ export default {
                   // })
                   // // TODO: openCloseHamMenu(false)
                   // dispatch('Common/openCloseHamMenu', false)
-                  window.location = '/base'
+                  // window.location = '/base'
                 }
                 // else {
                 //   // * window.location.reload()
@@ -211,18 +214,18 @@ export default {
               })
             } else {
               commit('setLoginMessage', response.data.message)
-              console.warn('Issue with getToken', response)
+              console.warn('Issue with postUserLogin', response)
               console.log('user loggein failed')
               Promise.reject(new Error('user loggein failed'))
             }
           })
           .catch(error => {
-            console.warn('Issue with Dispatch getToken', error)
+            console.warn('Issue with Dispatch postUserLogin', error)
             Promise.reject(error)
           })
       })
     },
-    getToken ({ dispatch, commit, state }, credentials) {
+    postUserLogin ({ dispatch, commit, state }, credentials) {
       return REST.post('/user/login?_format=json',
         credentials,
         {
@@ -237,24 +240,34 @@ export default {
           console.log('csrftoken', data)
           commit('SetCsrftoken', data)
           console.log('state.csrf_token', state.csrf_token)
-          const params = {
-            token: state.csrf_token
-          }
-          REST.get(`/user/${state.uid}?_format=json`, params)
+          // INFO this endpoiunt needs https://www.drupal.org/project/logout_token
+          REST.get('/session/logout/token')
             .then(({ data }) => {
-              console.log('user REST getUser data', data)
-              console.log('roles', data.roles)
-              // with session_limit, only here we are certain that the user is logged
-              commit('setUser', data)
-              if (data.roles) {
-                commit('setRoles', data.roles)
+              console.log('logout_token', data)
+              commit('SetLogouttoken', data)
+              const params = {
+                token: state.csrf_token
               }
-              // console.log('customer_profiles', data.customer_profiles.length)
-              // if (data.customer_profiles.length) {
-              //   dispatch('getUserProfiles', data.customer_profiles[data.customer_profiles.length - 1].target_id)
-              // }
-              dispatch('getUserFlagColls')
-              resolve()
+              REST.get(`/user/${state.uid}?_format=json`, params)
+                .then(({ data }) => {
+                  console.log('user REST getUser data', data)
+                  console.log('roles', data.roles)
+                  // with session_limit, only here we are certain that the user is logged
+                  commit('setUser', data)
+                  if (data.roles) {
+                    commit('setRoles', data.roles)
+                  }
+                  // console.log('customer_profiles', data.customer_profiles.length)
+                  // if (data.customer_profiles.length) {
+                  //   dispatch('getUserProfiles', data.customer_profiles[data.customer_profiles.length - 1].target_id)
+                  // }
+                  dispatch('getUserFlagColls')
+                  resolve()
+                })
+                .catch(error => {
+                  console.warn('Issue with getUser', error)
+                  Promise.reject(error)
+                })
             })
             .catch(error => {
               console.warn('Issue with getUser', error)
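Review bot: The added inner `.catch` calls `Promise.reject(error)`, which creates a new rejected promise that nothing handles instead of rejecting the promise this action returns. A failed user request therefore leaves the caller pending and surfaces only as an unhandled rejection. Assuming the enclosing executor (outside this hunk) exposes `reject` alongside the `resolve` used here, the line should be `reject(error)`. Returning the inner `REST.get(...)` from the first `.then` would flatten the nesting so a single `.catch` covers both requests; as written, the outer handler still logs 'Issue with getUser' when it is the logout-token request that failed. The new comment also has a typo, `endpoiunt`.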
@@ -424,14 +437,20 @@ export default {
       commit('closeFlagColl')
     },
     userLogout ({ commit, state }) {
-      const credentials = qs.stringify({
-        token: state.csrf_token
+      const params = qs.stringify({
+        // format: 'json'
+        // token: state.logout_token
       })
-      REST.post('/user/logout', credentials)
+      const config = {
+        headers: {
+          'X-CSRF-Token': state.csrf_token
+        }
+      }
+      REST.post('/user/logout?format=json&token=' + state.logout_token, params, config)
         .then(resp => {
           console.log('userLogout resp', resp)
-          commit('setLoggedOut')
-          // window.location.reload(true) ???
+          // commit('setLoggedOut')
+          // window.location.reload(true)
         })
         .catch(error => {
           console.warn('Issue with logout', error)
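Review bot: With `commit('setLoggedOut')` commented out in the `.then`, a successful logout no longer clears the store, so the uid, roles, CSRF token and logout token stay in client state and the UI keeps showing the user as logged in after the server session has ended. Restore `commit('setLoggedOut')`, and check that this mutation also resets `logout_token`, which is not visible from this hunk. The URL uses `format=json` while the other calls visible in this diff use `_format=json`, and the token is concatenated unencoded; `'/user/logout?_format=json&token=' + encodeURIComponent(state.logout_token)` would be consistent and would not break if the token contains reserved characters. The empty `qs.stringify({})` with its commented-out keys can be removed. `userLogout` continues past the end of this hunk.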

Some files were not shown because too many files changed in this diff