authorFuwn <[email protected]>2024-02-06 02:29:07 -0800
committerFuwn <[email protected]>2024-02-06 02:29:07 -0800
commitd1be3ef67a4e403dc9ee76d97b156eda57adafff (patch)
tree4306fe316cb9322317ef0cd1feb016f2eb533b91 /src
parentfeat(layout): remove stores using localstorage (diff)
downloaddue.moe-d1be3ef67a4e403dc9ee76d97b156eda57adafff.tar.xz
due.moe-d1be3ef67a4e403dc9ee76d97b156eda57adafff.zip
feat: stronger logout
Diffstat (limited to 'src')
-rw-r--r--src/lib/Utility/oauth.ts5
-rw-r--r--src/routes/+layout.server.ts7
-rw-r--r--src/routes/+layout.svelte4
-rw-r--r--src/routes/api/authentication/log-out/+server.ts10
-rw-r--r--src/routes/api/oauth/refresh/+server.ts5
5 files changed, 22 insertions, 9 deletions
diff --git a/src/lib/Utility/oauth.ts b/src/lib/Utility/oauth.ts
index 1c35223d..bc71db5e 100644
--- a/src/lib/Utility/oauth.ts
+++ b/src/lib/Utility/oauth.ts
@@ -1,4 +1,3 @@
-import { dev } from '$app/environment';
import { redirect, type Cookies } from '@sveltejs/kit';
export interface ClientOptions {
@@ -42,9 +41,9 @@ export const callback = async (options: CallbackOptions) => {
{
path: '/',
maxAge: 60 * 60 * 24 * 7,
- httpOnly: true,
+ httpOnly: false,
sameSite: 'lax',
- secure: !dev
+ secure: false
}
);
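Review bot: Setting `httpOnly: false` and `secure: false` here makes the cookie written by `callback` readable by any script on the origin and lets it travel over plain HTTP in production; the same two lines appear on `cookies.set('user', …)` in src/routes/api/oauth/refresh/+server.ts and on the `logout` cookie in the log-out endpoint. The refresh hunk shows the `user` cookie holds `JSON.stringify(newUser)`, which presumably includes the OAuth token, so one XSS bug or a compromised third-party script would be enough to expose it. The relaxation appears to exist only so `document.cookie = 'user=; …'` in +layout.svelte can clear the cookie, but the server already deletes it in the log-out endpoint and in +layout.server.ts, so that client-side line can be dropped and these options kept as `httpOnly: true,` and `secure: !dev` (with the `dev` import this commit removes). The body of `callback` starts and ends outside the hunk.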
diff --git a/src/routes/+layout.server.ts b/src/routes/+layout.server.ts
index 2df8661f..d2fdce1b 100644
--- a/src/routes/+layout.server.ts
+++ b/src/routes/+layout.server.ts
@@ -1,6 +1,11 @@
-export const load = ({ locals, url }) => {
+export const load = ({ locals, url, cookies }) => {
const { user } = locals;
+ if (cookies.get('logout') === '1') {
+ cookies.delete('user', { path: '/' });
+ cookies.delete('logout', { path: '/' });
+ }
+
return {
user,
url: url.pathname,
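Review bot: `user` is read from `locals` before the `logout` check and is still returned after the cookies are deleted, so on the request where this branch fires the page data can still carry the logged-out user. If `locals.user` is populated from the `user` cookie (not visible here), that is exactly the case this fallback is meant for, and the load should return no user then, for example `const user = cookies.get('logout') === '1' ? undefined : locals.user;`. The rest of `load` lies outside the hunk.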
diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
index 7f770e7a..dd9533fe 100644
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -2,7 +2,7 @@
import { env } from '$env/dynamic/public';
import { userIdentity as getUserIdentity } from '$lib/AniList/identity';
import { onMount } from 'svelte';
- import userIdentity, { defaultIdentity } from '$stores/identity';
+ import userIdentity from '$stores/identity';
import settings from '$stores/settings';
import { browser } from '$app/environment';
import HeadTitle from '$lib/Home/HeadTitle.svelte';
@@ -134,6 +134,8 @@
localStorage.removeItem('identity');
localStorage.removeItem('commit');
+ document.cookie = 'user=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;';
+
window.location.href = root('/api/authentication/log-out');
}}
>
diff --git a/src/routes/api/authentication/log-out/+server.ts b/src/routes/api/authentication/log-out/+server.ts
index 22ef49d8..e3ce347a 100644
--- a/src/routes/api/authentication/log-out/+server.ts
+++ b/src/routes/api/authentication/log-out/+server.ts
@@ -1,7 +1,15 @@
+import root from '$lib/Utility/root.js';
import { redirect } from '@sveltejs/kit';
export const GET = ({ cookies }) => {
cookies.delete('user', { path: '/' });
+ cookies.set('logout', '1', {
+ path: '/',
+ maxAge: 60 * 60 * 24 * 7,
+ httpOnly: false,
+ sameSite: 'lax',
+ secure: false
+ });
- throw redirect(303, '/');
+ throw redirect(303, root('/'));
};
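Review bot: The `logout` marker is a one-shot flag but is given `maxAge: 60 * 60 * 24 * 7`, so if no layout load consumes it right after the redirect it lingers for a week and the next successful login would have its `user` cookie deleted by the check in +layout.server.ts. A lifetime that only covers the redirect is enough, e.g. `maxAge: 60,`, and the login callback could clear the marker as well. In the visible code only the server reads this cookie, so `httpOnly: true` would work here.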
diff --git a/src/routes/api/oauth/refresh/+server.ts b/src/routes/api/oauth/refresh/+server.ts
index 8bfac6e6..b2b36db2 100644
--- a/src/routes/api/oauth/refresh/+server.ts
+++ b/src/routes/api/oauth/refresh/+server.ts
@@ -1,4 +1,3 @@
-import { dev } from '$app/environment';
import { env } from '$env/dynamic/private';
import { env as env2 } from '$env/dynamic/public';
import { redirect } from '@sveltejs/kit';
@@ -21,9 +20,9 @@ export const GET = async ({ url, cookies }) => {
cookies.set('user', JSON.stringify(newUser), {
path: '/',
maxAge: 60 * 60 * 24 * 7,
- httpOnly: true,
+ httpOnly: false,
sameSite: 'lax',
- secure: !dev
+ secure: false
});
if (url.searchParams.get('redirect')) throw redirect(303, '/');