From: Justin Wind <justin.wind+git@gmail.com>
Date: Sat, 8 Jun 2024 21:50:42 +0000 (-0700)
Subject: include Set-Login header on session state transition
X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=a2f277a5693dc3cfc656d010533ed37e5928b3ee;p=squeep-authentication-module

include Set-Login header on session state transition
---

diff --git a/lib/authenticator.js b/lib/authenticator.js
index 86b95d6..2534cfa 100644
--- a/lib/authenticator.js
+++ b/lib/authenticator.js
@@ -486,6 +486,7 @@ class Authenticator {
         path: `${this.proxyPrefix}/`,
         secure: this.secureAuthOnly,
       });
+      res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
       return true;
     }
 
@@ -498,6 +499,7 @@ class Authenticator {
         path: `${this.proxyPrefix}/`,
         secure: this.secureAuthOnly,
       });
+      res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedOut);
 
       res.statusCode = 302;
       res.setHeader(Enum.Header.Location, `${loginPath}?r=${encodeURIComponent(req.url)}`);
diff --git a/lib/enum.js b/lib/enum.js
index 66e2856..4912cd8 100644
--- a/lib/enum.js
+++ b/lib/enum.js
@@ -9,8 +9,13 @@ const Enum = mergeDeep(DingusEnum, {
     Cookie: 'Cookie',
     Location: 'Location',
     SetCookie: 'Set-Cookie',
+    SetLogin: 'Set-Login',
     WWWAuthenticate: 'WWW-Authenticate',
   },
+  LoginState: {
+    LoggedIn: 'logged-in',
+    LoggedOut: 'logged-out',
+  },
   SessionCookie: 'squeepSession',
   OTPResult: {
     Valid: 'Valid',
diff --git a/lib/session-manager.js b/lib/session-manager.js
index 0b4ce4e..4635547 100644
--- a/lib/session-manager.js
+++ b/lib/session-manager.js
@@ -232,6 +232,7 @@ class SessionManager {
     }
 
     await this._sessionCookieSet(res, session);
+    res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
     res.setHeader(Enum.Header.Location, authorizationEndpoint.href);
     res.statusCode = 302; // Found
     res.end();
@@ -321,6 +322,7 @@ class SessionManager {
           authenticatedIdentifier: state.authenticatedIdentifier,
         };
         await this._sessionCookieSet(res, ctx.session);
+        res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
         res.statusCode = 302;
         res.setHeader(Enum.Header.Location, state.redirect);
         res.end();
@@ -400,6 +402,7 @@ class SessionManager {
       authenticatedIdentifier: ctx.authenticationId,
     };
     await this._sessionCookieSet(res, ctx.session);
+    res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
     res.statusCode = 302;
     res.setHeader(Enum.Header.Location, redirect);
     res.end();
@@ -418,6 +421,7 @@ class SessionManager {
     this.logger.debug(_scope, 'called', { ctx });
 
     await this._sessionCookieClear(res);
+    res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedOut);
 
     const redirect = ctx.queryParams['r'] || './';
 
@@ -539,6 +543,7 @@ class SessionManager {
     };
 
     await this._sessionCookieSet(res, ctx.session);
+    res.setHeader(Enum.Header.SetLogin, Enum.LoginState.LoggedIn);
     res.statusCode = 302;
     res.setHeader(Enum.Header.Location, redirect);
     res.end();