From: Justin Wind
Date: Sat, 8 Jun 2024 21:50:42 +0000 (-0700)
Subject: include Set-Login header on session state transition
X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=a2f277a5693dc3cfc656d010533ed37e5928b3ee;p=squeep-authentication-module
include Set-Login header on session state transition
---
diff --git a/lib/authenticator.js b/lib/authenticator.js
index 86b95d6..2534cfa 100644
--- a/lib/authenticator.js
+++ b/lib/authenticator.js
@@ -486,6 +486,7 @@ class Authenticator {
 path: `${this.proxyPrefix}/`,
 secure: this.secureAuthOnly,
 });
+ res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
 return true;
 }
@@ -498,6 +499,7 @@ class Authenticator {
 path: `${this.proxyPrefix}/`,
 secure: this.secureAuthOnly,
 });
+ res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedOut);
 res.statusCode = 302;
 res.setHeader(Enum.Header.Location, `${loginPath}?r=${encodeURIComponent(req.url)}`);
diff --git a/lib/enum.js b/lib/enum.js
index 66e2856..4912cd8 100644
--- a/lib/enum.js
+++ b/lib/enum.js
@@ -9,8 +9,13 @@ const Enum = mergeDeep(DingusEnum, {
 Cookie: 'Cookie',
 Location: 'Location',
 SetCookie: 'Set-Cookie',
+ SetLogin: 'Set-Login',
 WWWAuthenticate: 'WWW-Authenticate',
 },
+ LoginState: {
+ LoggedIn: 'logged-in',
+ LoggedOut: 'logged-out',
+ },
 SessionCookie: 'squeepSession',
 OTPResult: {
 Valid: 'Valid',
diff --git a/lib/session-manager.js b/lib/session-manager.js
index 0b4ce4e..4635547 100644
--- a/lib/session-manager.js
+++ b/lib/session-manager.js
@@ -232,6 +232,7 @@ class SessionManager {
 }
 await this._sessionCookieSet(res, session);
+ res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
 res.setHeader(Enum.Header.Location, authorizationEndpoint.href);
 res.statusCode = 302; // Found
 res.end();
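Review bot: The `Set-Login` header added after the cookie call in the hunk at -486 (and, with `LoggedOut`, in the hunk at -498) speaks for the whole origin, while the session cookie set beside it is limited by its `path` option to the proxy prefix. The Login Status API, as specified, keeps this status per origin rather than per path. If the module is mounted under a prefix on an origin shared with other applications, a logout here would mark the entire origin as logged-out in the browser. A comment above each added line, such as `// Login Status API signal: origin-wide, unlike the path-scoped session cookie`, would make that explicit. Both enclosing functions start outside their hunks.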
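Review bot: `SetLogin` and the new `LoginState` group in lib/enum.js carry no comment saying that these are wire values fixed by the Login Status API rather than strings chosen by the project. Browsers match the `logged-in` and `logged-out` tokens literally, so a later rename or case change would silently disable the signal without breaking anything else. I would add `// Login Status API tokens for the Set-Login header; must match the spec exactly` above `LoginState`. The enclosing `mergeDeep` call starts and ends outside the hunk.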
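Review bot: In the session-manager hunk at -232, `Set-Login: logged-in` is sent on the redirect to `authorizationEndpoint.href`, which looks like the outbound leg of an external authorization flow, so the browser would record a logged-in status before the user has authenticated. If that flow is abandoned or refused at the endpoint, nothing in this hunk returns the status to `logged-out`. Assuming the session stored by `_sessionCookieSet` at this point holds only pending-flow state, I would drop `res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);` here and leave the signal to the handler that stores `authenticatedIdentifier` (the hunk at -321). The function starts outside the hunk.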
@@ -321,6 +322,7 @@ class SessionManager {
 authenticatedIdentifier: state.authenticatedIdentifier,
 };
 await this._sessionCookieSet(res, ctx.session);
+ res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
 res.statusCode = 302;
 res.setHeader(Enum.Header.Location, state.redirect);
 res.end();
@@ -400,6 +402,7 @@ class SessionManager {
 authenticatedIdentifier: ctx.authenticationId,
 };
 await this._sessionCookieSet(res, ctx.session);
+ res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
 res.statusCode = 302;
 res.setHeader(Enum.Header.Location, redirect);
 res.end();
@@ -418,6 +421,7 @@ class SessionManager {
 this.logger.debug(_scope, 'called', { ctx });
 await this._sessionCookieClear(res);
+ res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedOut);
 const redirect = ctx.queryParams['r'] || './';
@@ -539,6 +543,7 @@ class SessionManager {
 };
 await this._sessionCookieSet(res, ctx.session);
+ res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
 res.statusCode = 302;
 res.setHeader(Enum.Header.Location, redirect);
 res.end();
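Review bot: In the hunk at -418 the post-logout redirect target is read straight from the query string, `const redirect = ctx.queryParams['r'] || './';`, and the lines that consume it are outside the hunk, so I cannot see whether it is validated. If it reaches the `Location` header unchanged, the logout endpoint will forward to whatever destination the request names, on the same response that clears the cookie and now sets the browser's login status to `logged-out`. I would accept `r` only when it resolves to a same-origin relative path and fall back to `'./'` otherwise.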