From c243e84d91e076ed1302b7829e9690bf638f1b14 Mon Sep 17 00:00:00 2001
From: Benoit Serrano <benoit.serrano10@gmail.com>
Date: Tue, 28 May 2024 16:43:39 +0200
Subject: [PATCH] add button logout

---
 .env.sample                                               | 1 +
 config.js                                                 | 1 +
 controllers/{startAuthController.js => userController.js} | 5 +++++
 index.js                                                  | 7 +++++--
 lib/oidcAuth.js                                           | 2 ++
 test/startAuthControllerTest.js                           | 2 +-
 urls.js                                                   | 1 +
 views/partials/header.ejs                                 | 3 +++
 8 files changed, 19 insertions(+), 3 deletions(-)
 rename controllers/{startAuthController.js => userController.js} (88%)

diff --git a/.env.sample b/.env.sample
index 2bb8b60d..4e52f74d 100644
--- a/.env.sample
+++ b/.env.sample
@@ -68,6 +68,7 @@ ENCRYPT_SECRET=un_secret_avec_exactement_64_bit
 
 # Use OIDC auth instead of audioconf's magiclink auth
 #OIDC_PROVIDER_URL=
+#OIDC_PROVIDER_LOGOUT_URL=
 #OIDC_CLIENT_ID=
 #OIDC_CLIENT_SECRET=
 
diff --git a/config.js b/config.js
index 76c9e8c6..cfad6243 100644
--- a/config.js
+++ b/config.js
@@ -109,6 +109,7 @@ config.STATS_EXTERNAL_DASHBOARD_URL = process.env.STATS_EXTERNAL_DASHBOARD_URL
 
 
 config.OIDC_PROVIDER_URL = process.env.OIDC_PROVIDER_URL
+config.OIDC_PROVIDER_LOGOUT_URL = process.env.OIDC_PROVIDER_LOGOUT_URL
 config.OIDC_CLIENT_ID = process.env.OIDC_CLIENT_ID
 config.OIDC_CLIENT_SECRET = process.env.OIDC_CLIENT_SECRET
 config.OIDC_ACR_VALUES = process.env.OIDC_ACR_VALUES
diff --git a/controllers/startAuthController.js b/controllers/userController.js
similarity index 88%
rename from controllers/startAuthController.js
rename to controllers/userController.js
index 7768574d..2a91f6bc 100644
--- a/controllers/startAuthController.js
+++ b/controllers/userController.js
@@ -18,3 +18,8 @@ module.exports.startAuth = async (req, res) => {
 
   res.redirect(authRequest.redirectUrl)
 }
+
+module.exports.logout = async(req, res) => {
+  console.log(req.session)
+  return res.redirect(`/`)
+}
diff --git a/index.js b/index.js
index 2c383627..1294d37f 100644
--- a/index.js
+++ b/index.js
@@ -13,7 +13,7 @@ const dashboardController = require("./controllers/dashboardController")
 const format = require("./lib/format")
 const createConfController = require("./controllers/createConfController")
 const landingController = require("./controllers/landingController")
-const startAuthController = require("./controllers/startAuthController")
+const userController = require("./controllers/userController")
 const statusController = require("./controllers/statusController")
 const stats = require("./lib/stats")
 const urls = require("./urls")
@@ -75,7 +75,8 @@ app.use(function(req, res, next){
 
 app.get(urls.landing, landingController.getLanding)
 
-app.post(urls.startAuth, startAuthController.startAuth)
+app.post(urls.startAuth, userController.startAuth)
+app.post(urls.logout, userController.logout)
 
 app.get(urls.validationEmailSent, (req, res) => {
   res.render("validationEmailSent", {
@@ -139,6 +140,8 @@ app.get(urls.faq, (req, res) => {
   })
 })
 
+app.get(urls.logout, userController.logout)
+
 app.get(urls.status, statusController.getStatus)
 
 app.use(Sentry.Handlers.errorHandler())
diff --git a/lib/oidcAuth.js b/lib/oidcAuth.js
index bafda4b8..62471e55 100644
--- a/lib/oidcAuth.js
+++ b/lib/oidcAuth.js
@@ -119,6 +119,8 @@ module.exports.finishAuth = async (req) => {
     return { error: "L'identification a échoué. Entrez votre adresse mail ci-dessous pour recommencer." }
   }
   const email = userinfo.email
+
+  req.session.id_token_hint = tokenSet.id_token
   
   return {
     email,
diff --git a/test/startAuthControllerTest.js b/test/startAuthControllerTest.js
index 8f0f57c9..1b341049 100644
--- a/test/startAuthControllerTest.js
+++ b/test/startAuthControllerTest.js
@@ -4,7 +4,7 @@ const oidcAuth = require("../lib/oidcAuth")
 const sinon = require("sinon")
 const urls = require("../urls")
 
-describe("startAuthController", function() {
+describe("userController", function() {
 
   describe("using oidcAuth", function() {
     let oidcClientStub
diff --git a/urls.js b/urls.js
index 070b091d..7906aaa5 100644
--- a/urls.js
+++ b/urls.js
@@ -14,4 +14,5 @@ module.exports = {
   participantAction: '/dashboard/:participantId/:action',
   dashboard: '/dashboard',
   status: '/api/status',
+  logout: '/api/logout'
 }
diff --git a/views/partials/header.ejs b/views/partials/header.ejs
index a9a50399..abe567b6 100644
--- a/views/partials/header.ejs
+++ b/views/partials/header.ejs
@@ -59,6 +59,9 @@
                 <li>
                   <%- include('dark-mode-switch') -%>
                 </li>
+                <li class="fr-link fr-icon-logout-box-r-line fr-icon">
+                  <a href="<%= urls.logout %>">Se déconnecter</a>
+                </li>
               </ul>
             </div>
           </div>